When I'm exploring the data dir of elasticsearch node, I found that there are some dirs in 'data/nodes/0/indices', say 'foo' and 'bar'. Are these dirs right my actual indices in cluster(foo and bar) correspondingly?
Actually I'm thinking to encrypt data on disk with index level. For example, encrypt index foo with key_foo and encrypt index bar with key_bar. If answer to the dir question is yes, then I can just encrypt the index data file with specific key.
Or any other ways to do index level at rest encryption?
Encryption at rest is usually done on the whole volume.
There are/were 3rd party (commercial) solutions that sat on top of Elasticsearch to do this, but I don't know the status of them as I saw them a few years ago now.
I would hazard a guess and say that you cannot directly map index names to directory names that easily, so it's not likely you can do it like that.
Hopefully someone like David Turner will pop in and add some more comments, as he knows this area well.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.