I am looking for a little best practice guidance for our single node cluster on a customer site.
The main aim is to create roles in kibana so that we can lock down access to certain individuals and groups. My understanding is that to achieve this we need to setup Elasticsearch security in some form.
Being a single node setup, is there any advantage going with minimal security rather than basic security. What would be considered best practice in this situation?
Given your requirement to create roles in Kibana and lock down access to certain individuals and groups, basic security would be the better choice. It provides the access control features you need and also offers additional security benefits.
If you desactivate security, then you won't have any security anymore. It's not recommended.
Elasticsearch comes with a basic license by default which gives you access to basic security features and this is what you need here as per your description.
The question should have been, are there features that come with basic level security that don´t come with minimal.
The basic security kb shows additional setup for tls which appears to be be between elasticsearch nodes (or am I wrong) and being a single node setup (this is what the customer has provided) I am unsure if there is an additional benefit setting up TLS for our single node cluster,
sorry for the confusing way I worded my last post.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.