We are providing search service to one of our customer who requires that the index data on our cluster must be encrypted because the index contains many secrete data which they don't want anyone know the content unless he/she has credential. When doing the query, they will pass cert or credential to De-crypt the indexed data.
That is, the data in ES shard is encrypted, and ES shall Decrypt the data in each shard and doing the searching.
I Suggestion that you do not give your customer es search service directly,
you can give a web service as stand, where you can use search origin data and give the custom encryped data , and the custom decryped the data themself
The requirement is not finalized yet, but so far my understand of the requirement is, that even we directly query the index from ES endpoint, we can only see the encrypted content in ES response.
It is something like store encrypted data in DB and event DB admin cannot see the original content without encryption key.
we can only see the encrypted content in ES response.
I'd ask that specific question in #x-pack to see what are the exact options you have.
It is something like store encrypted data in DB and event DB admin cannot see the original content without encryption key.
I believe we don't support that. The data is stored and indexed in clear. Communication between nodes and clients can be encrypted with x-pack though but as I said at the end if the client is allowed to query, he will get back a clear answer.
Unless you decide to not store the _source field and just store some encrypted fields but index only clear fields. That might be a handmade option if this is really needed.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.