I'm new to Elasticsearch and have very basic understanding of elasticsearch.
So, let me first give little description about my problem statement. In my organisation, we have elasticsearch cluster made up of 3-nodes on unix boxes.
discovery.zen.ping.unicast.hosts: ["xx.xx.xx.1", "xx.xx.xx.2", "xx.xx.xx.3"]
. Everything works fine, but within the organisation private network one can access the Elasticsearch built-in API's such as/_nodes? , /_cluster, etc
using the private IP's.
How do I prevent such unauthorised access to the API's internal to the network?? Is there any ACL feature in elasticsearch or do I have to install some nginx web server on top of it and block access to the url's.
You can use x-pack basic security which is included for free in the latest versions of Elasticsearch and provide username/password based access and many more ways to control the access, refer x-pack license detail for more info