Shield against ES KOPF

security

(Vikranth Vanam) #1

We wanted to protect elastic cluster from any third party plugins usage, like KOPF, HEAD etc. Is there anything in Shield that we can implement to disable access from those plugins.


(Steve Kearns) #2

Hi Vikranth,

Great question! Yes, you have a number of options to prevent unauthorized users from using those tools when using Shield. Those tools are all just calling ES APIs, primarily the cluster health and monitoring APIs.

First, when you install Shield, you configure which users are allowed to access the Elasticsearch cluster at all. If a user shouldn't have access to ES, simply do not grant them any access and they won't be able to do anything with the cluster.

If a user should be able to access some data in ES, but not see or change cluster settings, you can use the Role Based Access Control feature of Shield to allow them to access data in their indexes, but not access the cluster health, monitoring or settings APIs.

Hope that helps!

Thanks,
Steve


(Vikranth Vanam) #3

Thank you Steve. That really helps.


(system) #4