Security comms #941

eedugon · 2025-03-26T15:20:02Z

This PR updates the certificates and security-setup information. Part of https://github.com/elastic/docs-projects/issues/346#issue-2788754652

TOC and navigation has been changed and simplified
Security setup methods for self-managed deployments have been organized in self-setup.md file.
Landing pages have been updated.

Main pages to review:

Secure your cluster or deployment
Self-managed security setup, with childs.
Manage TLS encryption, with childs

Still pending (not sure if doing that in this PR or in another one).

Long tutorial: I have left it under self-managed security setup, but not sure if it's worthy at all, it's just a different tutorial covering all components. Update: doc moved back to raw content.
Configure security in kibana (that doc has a lot of duplicated info): That's a work in progress item, I think we could remove it and just place the only needed parts somewhere else, feel free to share your thoughts. I've left the file with some comments. Update: doc updated and included in the set.

deploy-manage/security/secure-your-cluster-deployment.md

deploy-manage/toc.yml

deploy-manage/security/secure-cluster-communications.md

deploy-manage/security/set-up-basic-security.md

deploy-manage/toc.yml

deploy-manage/security/_snippets/enable-security.md

deploy-manage/security.md

deploy-manage/security/_snippets/cluster-communication-network.md

deploy-manage/security/secure-your-cluster-deployment.md

deploy-manage/security/set-up-basic-security-plus-https.md

deploy-manage/security/self-tls.md

deploy-manage/security/k8s-https-settings.md

Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com>

shainaraskas

some comments, mostly regarding the security features by deployment type stuff

deploy-manage/security/self-setup.md

deploy-manage/security/_snippets/cluster-comparison.md

deploy-manage/security/_snippets/enable-security.md

deploy-manage/security/data-security.md

deploy-manage/security/install-stack-demo-secure.md

deploy-manage/security/secure-http-communications.md

deploy-manage/security/secure-your-cluster-deployment.md

Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com>

deploy-manage/security/self-auto-setup.md

deploy-manage/security/set-up-basic-security-plus-https.md

deploy-manage/security/_snippets/kibana-client-https-setup.md

deploy-manage/security/_snippets/kibana-https-setup.md

deploy-manage/security/secure-cluster-communications.md

shainaraskas

looks like https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/941/deploy-manage/security/enabling-cipher-suites-for-stronger-encryption and https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/941/deploy-manage/security/supported-ssltls-versions-by-jdk-version is missing applies info.

on the cipher suites page, it would be good to specify whether the cipher suites are enabled by default in other deployment types as well. there is also a floating backtick on the page that needs to be removed.

deploy-manage/security/self-tls.md

deploy-manage/security/kibana-es-mutual-tls.md

shainaraskas

OK comments are done now :)

all of them are either me being picky or small accuracy questions that should be easy to knock out. will checkmark this in case you're feeling excited to merge it but you should try to clean up the little style weirdness and make sure every page has applies tags.

deploy-manage/security/k8s-https-settings.md

deploy-manage/security/_snippets/cluster-comparison.md

Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com>

deploy-manage/security/self-auto-setup.md

Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com>

@shainaraskas

I forgot to apply a commit in #941 Minor changes cc: @shainaraskas --------- Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com>

eedugon added 2 commits March 26, 2025 09:00

merging shaina's PR with my WIP changes

a4472c7

security certificates work in progress

8f374d0

github-actions bot deployed to docs-preview March 26, 2025 15:20 View deployment

shainaraskas reviewed Mar 26, 2025

View reviewed changes

HTTPS setup ongoing

0fa5251

github-actions bot deployed to docs-preview March 26, 2025 17:26 View deployment

kibana https updated

e4601e1

github-actions bot deployed to docs-preview March 26, 2025 20:52 View deployment

eedugon added 2 commits March 26, 2025 22:07

syncing tabs

155e78f

working in progress

f6da69c

github-actions bot deployed to docs-preview March 26, 2025 22:17 View deployment

automatic and manual configs for self-managed almost completed

613a131

github-actions bot deployed to docs-preview March 27, 2025 08:20 View deployment

eedugon added 2 commits March 27, 2025 20:43

basic and basic plus concepts refined

602e280

TLS certificates extra landing pages added

4dd4b33

github-actions bot deployed to docs-preview March 27, 2025 20:46 View deployment

eedugon added 2 commits March 27, 2025 22:31

redirect for self-setup.md

6185393

automatic security setup file renamed to self-auto-setup.md

0a15585

github-actions bot deployed to docs-preview March 27, 2025 21:34 View deployment

final refinements before ready for review

6e86fa6

github-actions bot deployed to docs-preview March 28, 2025 13:40 View deployment

Merge remote-tracking branch 'origin/main' into security_comms

f0626ec

github-actions bot deployed to docs-preview March 28, 2025 13:46 View deployment

eedugon marked this pull request as ready for review March 28, 2025 13:58

eedugon requested a review from shainaraskas March 28, 2025 13:59

moved tutorial

36b15c7

github-actions bot deployed to docs-preview March 28, 2025 14:00 View deployment

fixing some links

d3ba8d5

shainaraskas reviewed Mar 28, 2025

View reviewed changes

Apply suggestions from code review

d820457

Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com>

Merge branch 'main' into security_comms

3e9cf0a