[DOCS] Updates note about security settings (#139591) (#140251)

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit 66917c913d) # Conflicts: # docs/settings/security-settings.asciidoc Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
2025-04-24 01:38:56 -04:00 · 2022-09-08 11:21:40 +02:00 · 2022-09-08 11:21:40 +02:00 · 6591cea062
commit 6591cea062
parent dd893d89d8
1 changed files with 6 additions and 5 deletions
--- a/docs/settings/security-settings.asciidoc
+++ b/docs/settings/security-settings.asciidoc
@ -8,6 +8,12 @@
 You do not need to configure any additional settings to use the
 {security-features} in {kib}. They are enabled by default.

+IMPORTANT: In high-availability deployments, make sure you use the same
+security settings for all instances of {kib}. Also consider storing
+sensitive security settings, such as encryption and decryption keys,
+securely in the Kibana Keystore, instead of keeping them in clear text in
+the kibana.yml file.
+
 [float]
 [[general-security-settings]]
 ==== General security settings
@ -307,11 +313,6 @@ Use a string of `<count>[ms\|s\|m\|h\|d\|w\|M\|Y]` (e.g. '20m', '24h', '7d', '1w

 These settings control the encryption of saved objects with sensitive data. For more details, refer to <<xpack-security-secure-saved-objects>>.

-[IMPORTANT]
-============
-In high-availability deployments, make sure you use the same encryption and decryption keys for all instances of {kib}. Although the keys can be specified in clear text in `kibana.yml`, it's recommended to store them securely in the <<secure-settings,{kib} Keystore>>.
-============
-
 [cols="2*<"]
 |===
 | [[xpack-encryptedSavedObjects-encryptionKey]] `xpack.encryptedSavedObjects.`