Trust across organizations, and more
editTrust across organizations, and more
editExpanding trust management
In addition to inviting additional users to your organization, you can configure trust relationships between your deployments and deployments in other organizations. To know more, check the documentation on trust between organizations.
Features
editIntegrations Server. Add Integrations Server to UI in deployment contexts. New deployments with versions below 8.0 will use APM, and new deployments with versions 8.0 and higher will use the new Integrations Server resource.
Enhancements
editAdd cross-org trust flyout. Bidirectional trust can now be established between deployments in different Elastic Cloud organizations.
Add execution_context.enabled
to the Kibana user section allow list. It might be hard, in a distributed environment, to understand which Kibana entity initiated a request to the Elasticsearch server. To overcome this problem, Kibana introduced the execution_context
service to attach domain-specific metadata to every request. execution_context
propagates specified metadata from the Kibana browser app or Kibana server to the Elasticsearch server by way of the x-opaque-id
header emitted to the Elasticsearch slow logs.
To enable execution_context
propagation from Kibana to Elasticsearch logs, set execution_context.enabled: true
.
To disable the execution_context
feature, set execution_context.enabled: false
.
Add APM agent to production observers. Enables APM to zookeeper observers.
Prevent users from deleting Elasticsearch settings when updating other settings (using the Deployments API). The endpoint to update deployments supports updating the settings of the Elasticsearch resource (PUT "/api/v1/deployments/{deployment_id}"
).
PUT "api/v1/deployments/{deployment_id}" -X PUT --data '{ "prune_orphans": false, "resources": { "elasticsearch": [ { "ref_id": "main-elasticsearch", "region": "us-east-1", "plan": { "cluster_topology": [...], "elasticsearch": { "version": "7.16.0" }, "deployment_template": { "id": "default" } }, "settings": { "dedicated_masters_threshold": 2 <-- THESE SETTINGS } } ] } }'
Previously, the settings passed in the body would override all the settings (even the ones not included in the request). Now, the settings not included in the request are kept and only the ones included are passed. To delete a setting, it must be passed as null
.
For example, this setting updates only the dedicated_masters_threshold
and the snapshot
settings, leaving the rest unmodified (trust, curation, monitoring, and so on).
"settings": { "dedicated_masters_threshold": 10, "snapshot": { "enabled": false } }
This would delete the snapshot
setting:
"settings": { "snapshot": { "enabled": null } }
Stop overwriting templates from Filebeat. Changed log delivery Filebeat to disable setup.template.overwrite
. This flag was causing many PUT _template/elastic-cloud-logs-*
requests which could cause increased load on monitoring deployments when using log delivery.
Re-add supporting alias lookup by X-Found-Cluster. Allow requests to resolve hosts by alias passed in the X-Found-Cluster
header.
Bug fixes
editMake a field optional for the sake of Elasticsearch 2.x. Fixed a bug that would cause plans for Elasticsearch versions older than 2.4.1 to fail with an error message that included "Null value for creator property cluster_uuid".
Deprecations
editRemove proxy internal-ca.cert file. Removed deprecated internal-ca.cert in proxy/route-server.
Docs
editAdd a workaround for subscribing with already associated email. We’ve added a workaround to sign up for a new Elastic Cloud account using an email address associated with an existing account.
Update the Elasticsearch settings in the OpenID Connect with Okta documentation.