Security in Elasticsearch

Have some queries about the security in ES :slight_smile:

1 ) Using the REST client can a secure connection be made to Elastic-Search without a need for any ES server plugin (shield ?) Or is it that a shield is needed for secure connection irrespective of the type of client ? can you please clarify

  1. Is the X-Pack released under propitiatory license ?
  1. If you run Elasticsearch without any server plugins, then it does not include any security features. Anyone who has network access to Elasticsearch will have access to read, update or delete all data in the cluster. This is true regardless of the client type they are using. The elastic blog has more information about ways to protect your Elasticsearch cluster

  2. X-Pack is commercial software with its own licensing terms. You can read about subscription options on the website, or contact one of the team to get more details about the licensing terms.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.