Securing your installationedit

Learn about security considerations and security-related tasks you should be aware of when deploying Elastic Cloud Enterprise:

  • Security Considerations - Covers information about current limitations, access control, encryption, and possible attack vectors.
  • Generate Roles Tokens - For automation purposes, generate a new ephemeral or persistent token with the right role permissions, so that you can install ECE on hosts and add the right roles at the same time.
  • Revoke Roles Tokens - Roles tokens enable additional hosts to join an ECE installation. If a token is no longer needed, it should be revoked to improve security.
  • Manage Security Certificates - Provide your own certificates for ECE to avoid a security warning when connecting to the Cloud UI or when using the API over HTTPS.
  • Set up traffic filters to restrict traffic to your deployment to only trusted IP addresses or VPCs.
  • Retrieve User Passwords - Retrieve the credentials for the administration console users admin and readonly.
  • Reset User Passwords - Reset the passwords for the admin and readonly administration console users that you use to log into the Cloud UI.
  • Configuring the TLS version - Revert back to the pre-2.4.0 behavior and allow TLS v1.0 clients to connect to Elastic Cloud Enterprise.
  • Allowing x509 Certificates with the SHA-1 hash function - Revert to the pre-3.5.0 behavior and accept x509 certificates signed with the SHA-1 hash function.