AWS Security Blog

Category: Amazon Elasticsearch Service

Configure SAML single sign-on for Kibana with AD FS on Amazon Elasticsearch Service

It’s a common use case for customers to integrate identity providers (IdPs) with Amazon Elasticsearch Service (Amazon ES) to achieve single sign-on (SSO) with Kibana. This integration makes it possible for users to leverage their existing identity credentials and offers administrators a single source of truth for user and permissions management. In this blog post, […]

Read More

Masking field values with Amazon Elasticsearch Service

Amazon Elasticsearch Service (Amazon ES) is a fully managed service that you can use to deploy, secure, and run Elasticsearch cost-effectively at scale. The service provides support for open-source Elasticsearch APIs, managed Kibana, and integration with Logstash and other AWS services. Amazon ES provides a deep security model that spans many layers of interaction and […]

Read More

How to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service

Amazon Inspector helps to improve the security and compliance of your applications that are deployed on Amazon Web Services (AWS). It automatically assesses Amazon Elastic Compute Cloud (Amazon EC2) instances and applications on those instances. From that assessment, it generates findings related to exposure, potential vulnerabilities, and deviations from best practices. You can use the […]

Read More

Get started with fine-grained access control in Amazon Elasticsearch Service

Amazon Elasticsearch Service (Amazon ES) provides fine-grained access control, powered by the Open Distro for Elasticsearch security plugin. The security plugin adds Kibana authentication and access control at the cluster, index, document, and field levels that can help you secure your data. You now have many different ways to configure your Amazon ES domain to […]

Read More

How to analyze AWS WAF logs using Amazon Elasticsearch Service

Log analysis is essential for understanding the effectiveness of any security solution. It can be valuable for day-to-day troubleshooting and also for your long-term understanding of how your security environment is performing. AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise […]

Read More

How to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs

August 31, 2020: The directions in this blog post for how to create an Amazon ES cluster have been updated. February 28, 2019: The features and services described in this post have changed since the post was published and the procedures described might be out of date and no longer accurate. If we update this […]

Read More

How to Control Access to Your Amazon Elasticsearch Service Domain

With the recent release of Amazon Elasticsearch Service (Amazon ES), you now can build applications without setting up and maintaining your own search cluster on Amazon EC2. One of the key benefits of using Amazon ES is that you can leverage AWS Identity and Access Management (IAM) to grant or deny access to your search […]

Read More