X-Pack alternative

A customer is currently using Elastic Cloud for their ES. They're looking to move to AWS ES, but since we don't support X-Pack, they're asking how they can secure the Kibana instance that's included in the domain.

Topics

Serverless Analytics

Tags

Amazon OpenSearch Service

Language

English

AWS-User-7612972

asked 7 years ago560 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Accepted Answer

The most common approach is to introduce a Proxy EC2 instance in front of Amazon ES and Kibana as described in the 2nd part of the following blog post: https://aws.amazon.com/blogs/security/how-to-control-access-to-your-amazon-elasticsearch-service-domain/

You can then implement whatever form of authentication/authorization you want on e.g. NGINX. An alternative would be to use API Gateway and AWS Lambda for a server-less approach.

AWS-User-7011152

answered 7 years ago

Relevant content

Upgrade ES 6.3 to 6.4 seems stuck
tbrouwer
asked 5 years ago
Securing Kibana and ElasticSearch without X-Pack-Security plugin
Accepted Answer
AWS-User-8801015
asked 7 years ago
Data wiping approach(es)
Accepted Answer
PeteM
asked 2 months ago
Is it possible to create or clone an existing ES 5 / ES 6 cluster?
Accepted Answer
nnkken
asked 5 months ago
How can I use Security Hub to monitor security issues for my AWS environment?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot Kibana errors in OpenSearch Service?
AWS OFFICIALUpdated 9 months ago
How do I move an Elastic IP address to a different EC2 instance?
AWS OFFICIALUpdated a year ago
How do I use an NGINX proxy to access Kibana or OpenSearch Dashboards outside of a VPC that doesn’t use Amazon Cognito authentication?
AWS OFFICIALUpdated 9 months ago
Security considerations for VMware Cloud on AWS
EXPERT
Jonas Werner
published 9 months ago
Securing Workloads on VMware Cloud on AWS Using Native AWS Services
EXPERT
lmessier
published 11 days ago