Neil
Neil
Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.

Elasticsearch cluster on AWS

Introduction

Elasticsearch Service on AWS’s had come a long way from when it was first introduced, and we at Gigasearch feel it is ready for most production workloads. In addition, it eliminates much of the pain of operating Elasticsearch yourself, allowing you to focus on your application and business.

If you’ve never set up an Elasticsearch cluster before, AWS Elasticsearch can be somewhat unintuitive. In this AWS Elasticsearch Tutorial, we’ll walk through (and provide some discussion around) the steps to provision a cluster on AWS’s Elasticsearch Service.

ElasticSearch Service includes the following features:

Scale

  • Numerous configurations of CPU, memory and storage capacity are known as instance types, including cost-effective Graviton instances
  • Up to 3 PB of attached storage
  • Cost-effective UltraWarm and cold storage for read-only data

Security

  • AWS Identity and Access Management (IAM) access control
  • Easy integration with Amazon VPC and VPC security groups
  • Encryption of data at rest and node-to-node encryption
  • Amazon Cognito, HTTP basic, or SAML authentication for OpenSearch Dashboards
  • Index-level, document-level, and field-level security
  • Audit logs
  • Dashboards multi-tenancy
- Advertisement -

Stability

  • Numerous geographical locations for your resources, known as Regions and Availability Zones
  • Node allocation across two or three Availability Zones in the same AWS Region, known as Multi-AZ
  • Dedicated master nodes to offload cluster management tasks
  • Automated snapshots to back up and restore OpenSearch Service domains

Flexibility

  • SQL support for integration with business intelligence (BI) applications
  • Custom packages to improve search results

Integration with popular services

  • Data visualization using OpenSearch Dashboards
  • Integration with Amazon CloudWatch for monitoring OpenSearch Service domain metrics and setting alarms
  • Also, Integration with AWS CloudTrail for auditing configuration API calls to OpenSearch Service domains
  • Integration with Amazon S3, Amazon Kinesis, and Amazon DynamoDB for loading streaming data into OpenSearch Service
  • Alerts from Amazon SNS when your data exceeds certain thresholds

Create a Domain from the AWS Elasticsearch dashboard

Deployment type

We choose development and testing for this tutorial

Choose Elasticsearch version

We will choose elasticsearch 7.10.

Data node

- Advertisement -

We choose instance t3.xlarge.search and with 5 node

Fine-grained access control

Fine-grained access control provides numerous features to help you keep your data secure. Features include document-level security, field-level security, read-only users, and OpenSearch Dashboards/Kibana, tenants. Fine-grained access control requires a master user.

Only use fine-grained access control and press create

So all this can be done using AWS cli

# aws es create-elasticsearch-domain \ 
--domain-name unixcop --elasticsearch-version 7.10 \ 
--elasticsearch-cluster-config  InstanceType=t3.xlarge.search,InstanceCount=5 \
--access-policies --access-policies file://myaccesspolicy.json --region us-east-1

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook