Features

This section provides an overview of the features available for the Elasticsearch offering for the ObjectRocket cloud platform.

Kibana

All ObjectRocket Elasticsearch offerings include a dedicated Kibana instance that ObjectRocket automatically configures to connect to your Elasticsearch cluster. Kibana lets you use charts and graphs to build rich visualizations of your Elasticsearch data.

Security

This section includes information about security.

Network isolation

All clusters run on dedicated, single-tenant containers to give isolation at the process and filesystem level. In addition, ObjectRocket completely isolates the network of each instance from other instances on the service.

SSL encryption

Secure Socket Layer (SSL)/Transport Layer Security (TLS) is enabled on all Elasticsearch clusters and includes https connection strings for the following:

  • Elasticsearch REST API
  • Kibana
  • Cerebro

ACLs and IP whitelisting

Access Control Lists (ACLs) gate all access to Elasticsearch clusters, so only the specified IPs or IP ranges will have access to the cluster. ObjectRocket allows separate ACLs for the Elasticsearch REST API, Cerebro, and Kibana.

User authentication

ObjectRocket for Elasticsearch clusters require user authentication for all communications. This platform has the following different user roles:

  • Admin: Full read/write access to Elasticsearch and Kibana
  • Read only: Read-only access to Elasticsearch
  • Kibana: Similar to read only, but with added permissions to change Kibana dashboards

Encryption at rest

ObjectRocket enables encryption at rest by default on all instances, which provides the following functionality:

  • Volume-level encryption secures storage volumes on the cluster by encrypting them on the disk.
  • ObjectRocket manages your encryption keys, so you don’t have to.
  • All backups and snapshots of that cluster are also encrypted.

Daily backups

ObjectRocket automatically backs up your data every 24 hours by using Elasticsearch snapshots. There is a 2 week retention period for this data. Contact support@objectrocket.com to request a restore.