github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] better explanation of backup/key rotation for encryption key (#84529) (#84565)

Browse source 
* better explanation of backup/key rotation for encryption key

* clarifying failure reason in lost key scenario

* fixing typo
This commit is contained in:
Bill McConaghy 2020-11-30 14:35:30 -05:00 committed by GitHub
parent 1a127a5398
commit 550a294625
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/settings/alert-action-settings.asciidoc
View file

@ -27,6 +27,7 @@ You can configure the following settings in the `kibana.yml` file.
If not set, {kib} will generate a random key on startup, but all alert and action functions will be blocked. Generated keys are not allowed for alerts and actions because when a new key is generated on restart, existing encrypted data becomes inaccessible. For the same reason, alerts and actions in high-availability deployments of {kib} will behave unexpectedly if the key isn't the same on all instances of {kib}. +
+
Although the key can be specified in clear text in `kibana.yml`, it's recommended to store this key securely in the <<secure-settings,{kib} Keystore>>.
Be sure to back up the encryption key value somewhere safe, as your alerts and actions will cease to function due to decryption failures should you lose it. If you want to rotate the encryption key, be sure to follow the instructions on <<encryption-key-rotation, encryption key rotation>>.
|===