Help Center/ Config/ User Guide/ Resource Compliance/ Built-In Policies/ Cloud Search Service/ CSS Clusters Have Kibana Public Access Control Enabled
Updated on 2025-01-22 GMT+08:00
View PDF
Share

CSS Clusters Have Kibana Public Access Control Enabled

Rule Details

Table 1 Rule details

Parameter

Description

Rule Name

css-cluster-kibana-not-enable-white-list

Identifier

css-cluster-kibana-not-enable-white-list

Description

If a CSS cluster does not have Kibana public access control enabled, this cluster is noncompliant.

Tag

css

Trigger Type

Configuration change

Filter Type

css.clusters

Configure Rule Parameters

None

Applicable Scenario

If a CSS cluster has Kibana access control disabled, Kibana is publically accessible by all IP addresses. If Kibana access control is enabled, it is only accessible by whitelisted IP addresses over public networks. For details, see Logging In to an Elasticsearch Cluster Using Kibana.

Solution

You can call the Enabling Kibana Public Access API to whitelist IP addresses that can access Kibana.

Rule Logic

  • If a CSS cluster does not have Kibana public access enabled, this cluster is compliant.
  • If a CSS cluster has Kibana public access enabled but does not have access control enabled, this cluster is noncompliant.
  • If a CSS cluster has both Kibana public access and access control enabled, this cluster is compliant.
Parent topic: Cloud Search Service