Securing your installation
editSecuring your installation
editLearn about security considerations and security-related tasks you should be aware of when deploying Elastic Cloud Enterprise:
- Security Considerations - Covers information about current limitations, access control, encryption, and possible attack vectors.
- Generate Roles Tokens - For automation purposes, generate a new ephemeral or persistent token with the right role permissions, so that you can install ECE on hosts and add the right roles at the same time.
- Revoke Roles Tokens - Roles tokens enable additional hosts to join an ECE installation. If a token is no longer needed, it should be revoked to improve security.
- Manage Security Certificates - Provide your own certificates for ECE to avoid a security warning when connecting to the Cloud UI or when using the API over HTTPS.
- Set up traffic filters to restrict traffic to your deployment to only trusted IP addresses or VPCs.
-
Retrieve User Passwords - Retrieve the credentials for the administration console users
admin
andreadonly
. -
Reset User Passwords - Reset the passwords for the
admin
andreadonly
administration console users that you use to log into the Cloud UI. - Configuring the TLS version - Revert back to the pre-2.4.0 behavior and allow TLS v1.0 clients to connect to Elastic Cloud Enterprise.
- Allowing x509 Certificates with the SHA-1 hash function - Revert to the pre-3.5.0 behavior and accept x509 certificates signed with the SHA-1 hash function.