Hello All,
I am looking for a little best practice guidance for our single node cluster on a customer site.
The main aim is to create roles in kibana so that we can lock down access to certain individuals and groups. My understanding is that to achieve this we need to setup Elasticsearch security in some form.
Being a single node setup, is there any advantage going with minimal security rather than basic security. What would be considered best practice in this situation?
Thanks in Advance.
Hi,
Given your requirement to create roles in Kibana and lock down access to certain individuals and groups, basic security would be the better choice. It provides the access control features you need and also offers additional security benefits.
Regards
Thank you for the reply,
Can you explain which access controls come with the basic setup that dont come with basic?
I am trying to find a meaningful feature comparison but as yet haven´t found one.
Also side question,
Is there an negative drawbacks when setting single node discovery in a production environment?
If you desactivate security, then you won't have any security anymore. It's not recommended.
Elasticsearch comes with a basic license by default which gives you access to basic security features and this is what you need here as per your description.
You can look at this page for the details: Subscriptions | Elastic Stack Products & Support | Elastic
Is there an negative drawbacks when setting single node discovery in a production environment?
Yes. If the node or the machine fails, you will loose your data and the service.
Sorry I made a mistake in my previous post,
The question should have been, are there features that come with basic level security that don´t come with minimal.
The basic security kb shows additional setup for tls which appears to be be between elasticsearch nodes (or am I wrong) and being a single node setup (this is what the customer has provided) I am unsure if there is an additional benefit setting up TLS for our single node cluster,
sorry for the confusing way I worded my last post.
There's no minimal version. It starts with basic.
I could be mistaken, being somewhat of a newbie I am still confused by some of the terms. This article suggests there is a minimal level
Are the nodes being refereed to Elasticsearch nodes or also Kibana instances?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
