* [DOCS] Add ES security principles
* Incorporating review feedback
* More changes from review feedback
* Fix cross-link to Painless guide
* Clarify callout text
* Add information about elasticsearch user
* Minor wording edits
* Consolidate Java Security Manager description, plus other edits
* Clarify not running as root
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* [DOCS] Security ON by default alpha1
* Adding NOTCONSOLE to curl request
* Incorporating review feedback
* Adding steps to configure Kibana for TLS
* Apply suggestions from code review
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Adding clarification and a link for monitoring cluster
* Fixing typo
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* [DOCS] Steps for updating TLS certificates
* Updates for changing CA
* Updates for rotating certs with a new CA
* Add instructions for generating HTTP certs with a new CA
* Add steps for creating HTTP certs with new CA
* Clarify note about cluser restart and other edits
* Clarifying scenarios
* Apply suggestions from code review
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Incorporating review feedback and making necessary changes
* Clarifications and changes regarding restarts
* Remove errant --pem in basic security setup
* Incorporate suggestions from code review
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Many, many updates. But good ones.
* Add languages for snippets
* Reorder steps to reference rolling restart throughout for consistency
* Add clarifying what's next steps
* Add instructions for updating Kibana certificate
* Apply suggestions from Ioannis' stellar code review
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Update instructions to use a single keystore, plus other review changes
* Incorporating another round of review comments
* Minor updates from reviewer feedback
* Clarifying examples and fixing numbering
* Skip tests that are creating unnecessary noise
* Quieting other tests
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Removing security overview and condensing.
* Adding new security file.
* Minor changes.
* Removing link to pass build.
* Adding minimal security page.
* Adding minimal security page.
* Changes to intro.
* Add basic and basic + http configurations.
* Lots of changes, removed files, and redirects.
* Moving some AD and LDAP sections, plus more redirects.
* Redirects for SAML.
* Updating snippet languages and redirects.
* Adding another SAML redirect.
* Hopefully fixing the ci/2 error.
* Fixing another broken link for SAML.
* Adding what's next sections and some cleanup.
* Removes both security tutorials from the TOC.
* Adding redirect for removed tutorial.
* Add graphic for Elastic Security layers.
* Incorporating reviewer feedback.
* Update x-pack/docs/en/security/securing-communications/security-basic-setup.asciidoc
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Update x-pack/docs/en/security/securing-communications/security-minimal-setup.asciidoc
Co-authored-by: Yang Wang <ywangd@gmail.com>
* Update x-pack/docs/en/security/securing-communications/security-basic-setup.asciidoc
Co-authored-by: Yang Wang <ywangd@gmail.com>
* Update x-pack/docs/en/security/index.asciidoc
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Update x-pack/docs/en/security/securing-communications/security-basic-setup-https.asciidoc
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
Co-authored-by: Yang Wang <ywangd@gmail.com>
* Additional changes from review feedback.
* Incorporating reviewer feedback.
* Incorporating more reviewer feedback.
* Clarify that TLS is for authenticating nodes
Co-authored-by: Tim Vernum <tim@adjective.org>
* Clarify security between nodes
Co-authored-by: Tim Vernum <tim@adjective.org>
* Clarify that TLS is between nodes
Co-authored-by: Tim Vernum <tim@adjective.org>
* Update title for configuring Kibana with a password
Co-authored-by: Tim Vernum <tim@adjective.org>
* Move section for enabling passwords between Kibana and ES to minimal security.
* Add section for transport description, plus incorporate more reviewer feedback.
* Moving operator privileges lower in the navigation.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
Co-authored-by: Yang Wang <ywangd@gmail.com>
Co-authored-by: Tim Vernum <tim@adjective.org>
Add documentation for operator privilegs. The docs cover features delivered by phase 1 (#65256) and 2 (#66684).
Co-authored-by: Tim Vernum <tim@adjective.org>
Co-authored-by: lcawl <lcawley@elastic.co>
Co-authored-by: Adam Locke <adam.locke@elastic.co>