Don't want to use https and user:password

Thibault_Richard · October 4, 2019, 12:47pm

Hello,

TLS can be disabled as explained here: https://www.elastic.co/guide/en/cloud-on-k8s/0.9/k8s-accessing-elastic-services.html#k8s-disable-tls.

spec:
  http:
    tls:
      selfSignedCertificate:
        disabled: true

Basic authentication can be bypassed by enabling anonymous access: https://www.elastic.co/guide/en/elastic-stack-overview/7.4/anonymous-access.html.

spec:
  nodes:
  - nodeCount: 1
    config:
      xpack.security.authc:
          anonymous:
            username: anonymous
            roles: superuser
            authz_exception: false

Even in a private cluster, we don't recommend to turn off these security layers.
Obviously, it is up to you to make the decision

Topic		Replies	Views
Elastic cloud with auth but without https Elastic Cloud on Kubernetes (ECK)	5	1983	November 4, 2022
Cannot disable TLS and security in EKS Elastic Cloud on Kubernetes (ECK)	12	17013	November 4, 2022
Enable x-pack without ssl on kibana and elasticsearch using helm chart Elasticsearch elastic-stack-security	18	10216	August 1, 2019
Enable TLS between ES and Kibana on an existing cluster Elastic Cloud on Kubernetes (ECK)	4	1027	April 7, 2021
Disable login kibana 8.2 Elastic Cloud on Kubernetes (ECK) elastic-stack-security	6	1080	June 11, 2022

Don't want to use https and user:password

Related topics