ReadonlyREST is a battle-tested plugin for Elasticsearch and Kibana hat provides advanced security and access control features. It includes basic features, as well as enterprise-level features like multi-tenancy, advanced LDAP authentication, SAML SSO, OIDC authentication, and offsite auditing log shipping.
Adopting ROR instead of paying for the platinum tier of Elastic cloud is cheaper, permits more advanced integrations, but most importantly: offers multi-tenancy over a single cluster.
Maintenance & scaling
Flexible access control
Self hosted + ROR
What if we could have the best of both worlds?
It’s finally possible!
🏦 Keep all your data in Elastic Cloud basic tier (no expensive platinum tier required!)
👀 Access the data as cross-cluster-search using a tiny Kibana+ROR instance with advanced authentication
How does it work?
All your data is safely kept in Elastic Cloud basic tier, but your users will access it through a minimal ReadonlyREST instance, where you can configure the usual advanced authentication, multi-tenancy and access control.
Is this integration secure and robust?
Yes, very much so. No hacks involved. Thanks to two amazing features of Elastic Cloud.
🤝 "Trusted deployments": self hosted clusters (i.e. with ROR installed) can securely connect to your fully managed Elastic Cloud
“Cross Cluster Search (CCS)”: Users are authorized in the data-less ROR-secured cluster, and access the data in the remote Elastic Cloud cluster.