Introduction

This document discusses securing your Elasticsearch deployment, from initial installation to configuration.

Why Security?

An Elasticsearch cluster benefits from properly implemented security in the following ways:

  • Role-based access control at the index level and LDAP authentication integration to prevent unauthorized access.
  • Encryption to preserve the integrity of your data, keeping confidential data confidential.
  • An audit trail to analyze access patterns.

Prevent Unauthorized Access

The term unauthorized access covers two distinct security concepts: authentication and authorization.

Authentication validates that a user is who they claim to be. A proper authentication setup enforces that only the person named, for example, Kelsey Andorra can authenticate to Elasticsearch as the user kandorra. Shield ships with an out-of-the-box internal authentication mechanism and also integrates with LDAP and Active Directory to provide user authentication.

Authorization enforces a set of privileges that are available to a specific user. To continue the example, an authorization framework enforces that the user kandorra has the ability to perform specific actions on the Elasticsearch cluster. These specific actions are called privileges; see the Reference section for a complete list. Privileges are bundled into sets, and a set of privileges is called a role. Shield also provides for authorization based on the client’s IP address: you may whitelist and blacklist subnets to control network-level access to a server.
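The three layers described above (network-level IP filtering, authentication of a user, and role-based authorization of a privilege on an index) can be modelled in a few dozen lines. The following is an added illustration written for this document, not Shield's own implementation and not its configuration syntax. The user kandorra comes from the example above; the user opsadmin, the role names, the privilege names, the subnets and the rule that a deny match wins over an allow match are all constructed assumptions for this example.

```python
import fnmatch
import hashlib
import hmac
import ipaddress
import os
from typing import Dict, List, Optional, Set


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a password hash; a credential store should never keep plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def make_user(password: str, roles: List[str]) -> Dict:
    """Build a user record with a fresh random salt (constructed sample data)."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "roles": roles}


# Constructed sample user store. "opsadmin" and both passwords are hypothetical.
USERS: Dict[str, Dict] = {
    "kandorra": make_user("correct horse battery", ["logs_reader"]),
    "opsadmin": make_user("another constructed secret", ["superuser"]),
}

# A role bundles privileges, each scoped to an index-name pattern. The privilege
# names here are illustrative; Shield's actual list is in the Reference section.
ROLES: Dict[str, Dict[str, Set[str]]] = {
    "logs_reader": {"logs-*": {"read", "search"}},
    "superuser": {"*": {"all"}},
}

# IP filtering with constructed allow/deny subnets. In this model a deny match
# wins over an allow match, and an address matching neither list is refused.
ALLOW_NETS = [ipaddress.ip_network("10.0.0.0/8")]
DENY_NETS = [ipaddress.ip_network("10.0.99.0/24")]

_DUMMY_SALT = os.urandom(16)


def authenticate(username: str, password: str) -> Optional[str]:
    """Authentication: return the verified identity, or None on failure."""
    record = USERS.get(username)
    if record is None:
        # Do the same amount of work for unknown users so that response time
        # does not reveal which usernames exist.
        hash_password(password, _DUMMY_SALT)
        return None
    candidate = hash_password(password, record["salt"])
    if hmac.compare_digest(candidate, record["hash"]):
        return username
    return None


def is_authorized(username: str, privilege: str, index: str) -> bool:
    """Authorization: does any role of the user grant `privilege` on `index`?"""
    record = USERS.get(username)
    if record is None:
        return False
    for role_name in record["roles"]:
        for pattern, privileges in ROLES.get(role_name, {}).items():
            if fnmatch.fnmatchcase(index, pattern) and (
                privilege in privileges or "all" in privileges
            ):
                return True
    return False


def ip_permitted(source_ip: str) -> bool:
    """Network-level check: deny list first, then allow list, default deny."""
    addr = ipaddress.ip_address(source_ip)
    if any(addr in net for net in DENY_NETS):
        return False
    return any(addr in net for net in ALLOW_NETS)


def handle_request(source_ip: str, username: str, password: str,
                   privilege: str, index: str) -> str:
    """Evaluate the layers in order: IP filter, authentication, authorization."""
    if not ip_permitted(source_ip):
        return "rejected: ip filter"
    if authenticate(username, password) is None:
        return "rejected: authentication failed"
    if not is_authorized(username, privilege, index):
        return "rejected: unauthorized"
    return "allowed"


if __name__ == "__main__":
    print(handle_request("10.1.2.3", "kandorra", "correct horse battery", "read", "logs-2024.01"))
    print(handle_request("10.1.2.3", "kandorra", "correct horse battery", "write", "logs-2024.01"))
    print(handle_request("10.0.99.7", "opsadmin", "another constructed secret", "write", "finance"))
```

The ordering in handle_request matters: the cheapest check (IP filter) runs first and rejects before any credential is examined, and an authenticated but unauthorized request is reported separately from a failed login so that an audit log can distinguish the two.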

Preserve Data Integrity

A standard Elasticsearch cluster includes redundancy features that protect against accidental data loss and corruption. By encrypting data as it is transmitted from node to node within the cluster, Elasticsearch security additionally protects data in transit from deliberate tampering or unauthorized access.

Provide an Audit Trail

Knowing who requested which actions on your data, and when, is an important part of security. Keeping an auditable log of the activity in your cluster not only helps diagnose performance issues, but also provides insight into attacks and attempted breaches.

Security as a Plugin

Security features for Elasticsearch are implemented in a plugin that you install on each node in your cluster.

What’s In This Document

The information in this document covers the following broad categories:

  • To learn about the architecture of the Elasticsearch security plugin and how the various elements of security interact, see the Architecture Overview section.
  • To get started with Elasticsearch security, from installation to initial configuration, see the Getting Started section.
  • To answer specific questions about configuration elements and privileges in Elasticsearch security, see the Reference section.