Features

Kibana

We include a dedicated instance of Kibana automatically configured to connect to your Elasticsearch cluster. Kibana allows you to build rich visualizations of your Elasticsearch data using charts and graphs.

Security

Network Isolation

All clusters run on dedicated, single-tenant containers to provide isolation at the process and filesystem level. In addition, we completely isolate the network of each instance from other instances on the service.

SSL Encryption

SSL/TLS is enabled on all Elastic search clusters and we provide https connection strings for:

  • ElasticSearch REST API
  • Kibana
  • Cerebro

ACLs / IP Whitelisting

All access to Elasticsearch clusters is gated by Access Control Lists (ACLs), so only the IPs or IP ranges specified will have access to the cluster. We allow separate ACLs for the Elasticsearch REST API, Cerebro, and Kibana.

User Authentication

ObjectRocket for Elasticsearch clusters also require user authentication for all communications. We allow three different user roles on the platform:

  • Admin: Full read/write access to Elasticsearch and Kibana
  • Read only: Read-only access to Elasticsearch
  • Kibana: Similar to read only, but with added permissions to modify Kibana dashboards

Encryption at rest

Encryption at rest is enabled by default on all instances. This means:

  • Storage volumes on the cluster are encrypted on disk, using volume-level encryption
  • ObjectRocket manages your encryption keys, so you don’t have to
  • All backups/snapshots of that cluster are encrypted as well

Plugins

By default, we install a number of Elasticsearch plugins on all ObjectRocket for Elasticsearch clusters that mainly belong to the list of “Core” plugins supported by Elastic:

  • Analysis plugins: analysis-icu, analysis-kuromoji, analysis-phonetic, analysis-smartcn, analysis-stempel, analysis-ukrainian.
  • Ingest plugins: ingest-attachment, ingest-geoip, ingest-user-agent.
  • Mapper plugins: mapper-murmur3, mapper-size.
  • Snapshot Repository plugins: repositry-azure, repository-gcs, repository-s3.

We can support additional plugins on a case by case basis. Contact support@objectrocket.com if you would like different plugins installed.

Daily Backups

We automatically backup your data every 24 hours using Elasticsearch snapshots and maintain a 2 week retention. period Contact support@objectrocket.com to request a restore.