CSS Clusters Support the Security Mode
Rule Details
Parameter |
Description |
---|---|
Rule Name |
css-cluster-security-mode-enable |
Identifier |
css-cluster-security-mode-enable |
Description |
If a CSS cluster does not support the security mode, this cluster is noncompliant. |
Tag |
css |
Trigger Type |
Configuration change |
Filter Type |
css.clusters |
Configure Rule Parameters |
None |
Applicable Scenario
Clusters in non-security mode can be accessed without security authentication, and HTTP protocol is used to transmit data. Ensure access environment security and do not expose the access APIs to the public network. A security-mode cluster requires security authentication and supports authorization and encryption. It is advised to use HTTPS for communication to ensure data security. For details, see Changing the Security Mode of an Elasticsearch Cluster.
Solution
Some cluster versions do not support the security mode. Use a version that supports the security mode, for example, Elasticsearch 7.10.2.
Rule Logic
- If a CSS cluster does not support the security mode, this cluster is noncompliant.
- If a CSS cluster supports the security mode, this cluster is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot