Open Source Elastic Stack finally meets security
As you probably know, Elasticsearch is a distributed, document-oriented search and analytics engine that supports structured and unstructured queries without requiring a schema to be defined ahead of time. Elasticsearch is used as a search engine, and often for web-scale log analytics or real-time application monitoring. In the past, we wrote some examples of monitoring or auditing applications such as Liferay or Alfresco.
Some weeks / months ago, an important change was announced in the Elastic Stack regarding the security module for the widely used Community / Open Source / Basic version. From versions 6.8 and 7.1 onwards, the security module is also free, providing basic features such as:
- TLS for encrypted communications.
- Native realm for creating and managing local users.
- Role-based access control for indices and cluster APIs in Kibana.
This is quite relevant because, before these Elastic Stack versions, you needed third-party tools (such as Search Guard) or basic tricks (Apache plus some Community plugins) to provide authentication and authorization in the free version of Elasticsearch and Kibana. In recent months we have read, with concern, about thousands of unprotected Kibana instances exposing Elasticsearch databases, so this is an important reaction and good news for Elasticsearch Community users. On the other hand, we also saw a «benevolent» contribution from Amazon (as a benevolent cloud provider for life) to open source: an open source distribution of Elasticsearch that also provides the security features missing from the Community version of Kibana and Elasticsearch.
Despite this, some interesting and important features remain in the EE version of Elasticsearch, such as the possibility of using an external LDAP or SAML-based SSO.
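An added example, not code from the original post or from Elastic: a small Python audit of an `elasticsearch.yml` that flags the unprotected state described above, where the free security module exists but is not switched on. The assumed defaults (security and TLS off unless set, as on the Basic licence in 6.8 / 7.x), the flat dotted-key parsing, the finding names and both sample configs are assumptions made for illustration.

```python
import re

# Value assumed when a key is absent (assumption: Basic licence, 6.8 / 7.x,
# where the security module ships but is disabled until configured).
DEFAULTS = {
    "xpack.security.enabled": "false",
    "xpack.security.transport.ssl.enabled": "false",
    "xpack.security.http.ssl.enabled": "false",
    "network.host": "_local_",
}
LOOPBACK = {"_local_", "localhost", "127.0.0.1", "::1"}

def parse_flat_yml(text):
    """Parse 'dotted.key: value' lines; nested YAML is out of scope here."""
    settings = {}
    for line in text.splitlines():
        line = re.sub(r"\s+#.*$", "", line).strip()  # drop trailing comments
        if not line or line.startswith("#"):         # skip blanks, commented keys
            continue
        key, sep, value = line.partition(":")
        if sep:
            settings[key.strip()] = value.strip().strip("\"'")
    return settings

def audit(text):
    """Return finding names (hypothetical labels) for one elasticsearch.yml."""
    cfg = {**DEFAULTS, **parse_flat_yml(text)}
    on = lambda key: cfg[key].lower() == "true"
    findings = []
    if not on("xpack.security.enabled"):
        findings.append("security-disabled")
        # No authentication plus a non-loopback bind is the exposed-instance case.
        if cfg["network.host"].lower() not in LOOPBACK:
            findings.append("unauthenticated-and-network-reachable")
    if not on("xpack.security.transport.ssl.enabled"):
        findings.append("transport-tls-off")
    if not on("xpack.security.http.ssl.enabled"):
        findings.append("http-tls-off")
    return findings

# Constructed sample configs (not taken from any real cluster).
EXPOSED = "cluster.name: logs\nnetwork.host: 0.0.0.0   # all interfaces\n#xpack.security.enabled: true\n"
HARDENED = ("network.host: 0.0.0.0\nxpack.security.enabled: true\n"
            "xpack.security.transport.ssl.enabled: true\n"
            "xpack.security.http.ssl.enabled: true\n")

if __name__ == "__main__":
    for name, text in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit(text) or "ok")
```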