If the Elasticsearch cluster denies access from the Internet for Kibana, the evaluation result is Compliant.
Scenario
Disabling Internet access for Kibana can reduce network security risks.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the Elasticsearch cluster denies access from the Internet for Kibana, the evaluation result is Compliant.
- If the Elasticsearch cluster allows access from the Internet for Kibana, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see the "Incompliance remediation" section of this topic.
Rule details
| Item | Description |
|---|---|
| Rule name | elasticsearch-instance-enabled-kibana-public-check |
| Rule identifier | elasticsearch-instance-enabled-kibana-public-check |
| Tag | Elasticsearch and Instance |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | Elasticsearch cluster |
| Input parameter | None |
Incompliance remediation
Disable Internet access for Kibana in the Elasticsearch cluster. For more information, see Configure a public or private IP address whitelist for Kibana.