elasticsearch username and password security #1383
Hello,
Replies: 1 comment
ElastAlert 2 can read the ES credentials from the config.yml or from env vars. If you are using Kubernetes, the config file or env vars can be reconstructed from Kube Secrets. If you're not using Kubernetes, you can use a config.yml with permissions set to 600.

If you need more security beyond that, such as reading the credentials from a credential vault over the network, then you can create a custom front-end Python wrapper for the ElastAlert 2 module, and after init'ing the ElastAlert object, update the loaded config dict with the secure ES credentials. Then hand off the flow back to the ElastAlert module via `obj.start()`, where `obj` is the ElastAlert object.

Alternatively, you can submit a PR to this project, following the contribution guidelines located in the root of the project, where your PR introduces an alternative method of loading those credentials.
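A sketch of the wrapper flow described in the reply above, added here as an example; it is not code from the ElastAlert 2 project or from the reply's author. It assumes the credentials live under the `es_username` and `es_password` config keys, that the vault client is wrapped in a hypothetical `fetch_secret(name)` callable, and it uses a constructed `FakeAlerter` in place of the real ElastAlert object so it runs offline.

```python
import os
import stat

class CredentialError(RuntimeError):
    """Startup refused; the message never includes a secret value."""

def file_is_owner_only(path):
    """True when no group/other permission bits are set (e.g. mode 600)."""
    return stat.S_IMODE(os.stat(path).st_mode) & (stat.S_IRWXG | stat.S_IRWXO) == 0

def inject_es_credentials(conf, fetch_secret):
    """Set es_username/es_password in the loaded config dict.

    fetch_secret is a hypothetical callable(name) -> str wrapping your vault
    client; it is an assumption of this example, not an ElastAlert 2 API.
    """
    creds = {}
    for key in ("es_username", "es_password"):
        value = fetch_secret(key)
        if not isinstance(value, str) or not value:
            raise CredentialError(f"no value returned for {key}")
        creds[key] = value
    conf.update(creds)  # applied only after both values validated
    return conf

def run(alerter, fetch_secret, config_path=None):
    """alerter: any object with .conf (dict) and .start(), as in the reply."""
    if config_path is not None and not file_is_owner_only(config_path):
        raise CredentialError(f"{config_path} has group/other permission bits set")
    inject_es_credentials(alerter.conf, fetch_secret)
    alerter.start()

class FakeAlerter:
    """Constructed stand-in for the ElastAlert object; runs offline."""
    def __init__(self):
        self.conf = {"es_host": "es.example.internal", "es_port": 9200}
        self.started = False

    def start(self):
        self.started = True

if __name__ == "__main__":
    # Constructed sample values standing in for a vault lookup.
    vault = {"es_username": "elastalert", "es_password": "constructed-secret"}
    demo = FakeAlerter()
    run(demo, vault.get)
    print("started:", demo.started, "conf keys:", sorted(demo.conf))
```

In a real deployment the initialised ElastAlert object would be passed to `run()` in place of `FakeAlerter`, and `config_path` would point at the config.yml whose mode should be 600.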