HTTPS Access Is Enabled for CSS Clusters
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
css-cluster-https-required |
|
Identifier |
css-cluster-https-required |
|
Description |
If HTTPS Access is not enabled for a CSS cluster, this cluster is noncompliant. |
|
Tag |
css |
|
Trigger Type |
Configuration change |
|
Filter Type |
css.clusters |
|
Configure Rule Parameters |
None |
Applicable Scenario
You can enable HTTPS for CSS clusters. If HTTPS is disabled, HTTP is used for cluster communication. This compromises data security, and public access cannot be enabled. For details, see Changing the Security Mode of an Elasticsearch Cluster.
Solution
To enable HTTPS access, the security mode must be enabled for the cluster. Once HTTPS access is enabled, all communication with the cluster will be encrypted. To enable the security mode, call the Configuring the Security Mode API.
Rule Logic
- If a CSS cluster does not have the security mode enabled, this cluster is noncompliant.
- If a CSS cluster has the security mode enabled but has HTTPS disabled, this cluster is noncompliant.
- If a CSS cluster has HTTPS enabled, this cluster is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
