Bring your own key, and moreedit

The following changes are included in this release.


Encryption at rest for your deployments and snapshots with a customer-managed key. You can now bring your own key to encrypt your Elastic Cloud deployment data and snapshots.

With this release, encryption at rest using customer-managed keys is available when creating new deployments on AWS regions using Elastic Cloud APIs. Other cloud providers and the ability to edit encryption settings for existing deployments will be added in upcoming releases of Elastic Cloud.

Learn more in our detailed documentation.


Logs Routes: Check log filter levels inputs before sending queries to the logs cluster. Improve the api/v1/deployments/<ID>/elasticsearch/<ID>/logs/_search endpoint by detecting when level:N query parameters are malformed, before trying to run the search. Also improve malformed requests error handling and response messages.

Move "Chat" button to the header. Move the location of the "Chat" button to the Elastic banner.

Allowlist allowed_subject_patterns JWT realm setting. Setting can now be specified through user settings for the Elasticsearch cluster.

Remove snapshot repo access. Users can now remove access to a source deployment’s snapshot repo from a cloned deployment.

Bug fixesedit

Better error handling. Provide better error handling for search results on non-self-monitored deployments.

Kibana audit settings notation fix. Kibana audit settings now support dot or nested notation.

Fix search engine availability alert links. Fix broken links to the Kibana dashboard that appear in search engine availability alerts sent in Slack.

Fix wrapping of deployment name in delete deployment modal. When deleting deployments with long names, the name is now wrapped in the UI, allowing the deployment to be deleted.