IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Securing your installation
editSecuring your installation
editLearn about security considerations and security-related tasks you should be aware of when deploying Elastic Cloud Enterprise:
- Security Considerations - Covers information about current limitations, access control, encryption, and possible attack vectors.
- Generate Roles Tokens - For automation purposes, generate a new ephemeral or persistent token with the right role permissions, so that you can install ECE on hosts and add the right roles at the same time.
- Revoke Roles Tokens - Roles tokens enable additional hosts to join an ECE installation. If a token is no longer needed, it should be revoked to improve security.
- Manage Security Certificates - Provide your own certificates for ECE to avoid a security warning when connecting to the Cloud UI or when using the API over HTTPS.
- Set up traffic filters to restrict traffic to your deployment to only trusted IP addresses or VPCs.
-
Retrieve User Passwords - Retrieve the credentials for the administration console users
admin
andreadonly
. -
Reset User Passwords - Reset the passwords for the
admin
andreadonly
administration console users that you use to log into the Cloud UI. - Configuring the TLS version - Revert back to the pre-2.4.0 behavior and allow TLS v1.0 clients to connect to Elastic Cloud Enterprise.
- * Configuring Cross-origin resource sharing (CORS) - Revert to the pre-2.4.0 behavior and allow TLS v1.0 clients to connect to Elastic Cloud Enterprise.