IP traffic filters

Traffic filtering, by IP address or CIDR block, is one of the security layers available in Elasticsearch Service. It allows you to limit how your deployments can be accessed. TIP: See Traffic Filter article for the general concepts behind traffic filtering in Elasticsearch Service.

Create an IP filter rule set

You can combine any rules into a set, so we recommend that you group rules according to what they allow, and make sure to label them accordingly. Since multiple sets can be applied to a deployment, you can be as granular in your sets as you feel is necessary.

To create a rule set:

  1. From the Platform menu, select Security.
  2. Click Create filter.
  3. Select IP filtering rule set.
  4. Create your rule set, providing a meaningful name and description.
  5. Select the region for the rule set.
  6. Select if this rule set should be automatically attached to new deployments.

    Each rule set is bound to a particular region and can be only assigned to deployments in the same region.

  7. Add one or more rules using IPv4, or a range of addresses with CIDR.

    DNS names are not supported in rules.

The next step is to associate one or more rule-sets with your deployments.

Edit an IP filter rule set

You can edit a rule set name or to change the allowed traffic sources using IPv4, or a range of addresses with CIDR.

  1. From the Account menu, select Traffic filters.
  2. Find the rule set you want to edit.
  3. Click the Edit icon.

Delete an IP filter rule set

If you need to remove a rule set, you must first remove any associations with deployments.

To delete a rule set with all its rules:

  1. Remove any deployment associations.
  2. From the Account menu, select Traffic filters.
  3. Find the rule set you want to edit.
  4. Click the Delete icon. The icon is inactive if there are deployments assigned to the rule set.

Associate an IP filter rule set with your deployment

After you’ve created the rule set, you’ll need to associate IP filter rules with your deployment:

  1. Go to the deployment.
  2. On the Security page, under Traffic filters click Apply filter.
  3. Select the filter you want to apply and click Apply filter.

Remove an IP filter rule set association from your deployment

If you want to remove any traffic restrictions from a deployment or delete a rule set, you’ll need to remove any rule set associations first. To remove an association through the UI:

  1. Go to the deployment.
  2. On the Security page, under Traffic filters click Remove.