Why es is not secured

Here's some discussion

Briefly: ES has no built in security adn isn't meant to. Attempts to add security by embedding ES inside a web framework have not been too successful.

Bedework runs ES in 2 modes:

Embedded - with or without http enabled
externally - read the ES documentation to deploy it.

In the embedded form the http interface can be enabled for debugging - it appears on port 9200 and is unprotected. Turn it off for deployment. It needs to be configured to allow for a reasonable number of indexes and shards - it's a 1 node system. Old indexes should be purged or it will not start up.

It's hoped this form will be good enough for a reasonable size unclustered organization.

If you go clustered bedework you MUST run an external ES. It needs to be firewalled or run on an inaccessible subnet. You can configure everything for bedework via jmx. The node configuration for ES will have to be set manually. The mappings are maintained as for embedded.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Why es is not secured

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally