Snapshot restore from xpack ES to Search Guard ES

Hi, I have 2 Elasticsearch clusters with platinum license and I’m considering moving these to a Search Guard protected Elasticsearch cluster (w/basic license).

Can someone confirm that the backups of my current clusters (i.e. Elasticsearch snapshots sitting in S3) can be restored to an SG protected cluster?

I’m not sure if the different security plugin (users, roles, perms…) will conflict or not…

You are indeed able to restore a snapshot from Xpack ES (Tested on ES7.16.2).

You might come across issues with aliases (if you are restoring these) and will need to delete the duplicate before continuing.

You might also come across duplicate index names, which need to be resolved prior to restore.

Lastly, note that the spaces indices (and all the Kibana objects within: dashboards, visualisations, etc) will not be transferred over, as SG uses tenants instead, therefore a workaround would be to export the needed index patterns and visualisations and import them in the new cluster.

Any security configuration (users, roles, etc) will not be usable, even though the index will get restored. These will need to be set up separately, following the SG convention, as these are stored in a separate index (searchguard).

The GUI for restore is very useful in identifying all these scenarios prior to restore.

Also, do not restore any system indices (starting with '.'), as these will most likely cause issues.

It is of course recommended to have a trial run and make sure everything gets restored as expected, as this was tested using basic data/config (anything that requires to run would naturally not work with SG).
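
A pre-flight check for the restore described in the answer above, as an added example that is not part of the original thread: it drops system indices, reports name clashes with existing indices and aliases, and builds the body for Elasticsearch's snapshot restore API. The function name and all index names in the sample data are constructed, and leaving out the global state is an assumption.

```python
import json

def plan_restore(snapshot_indices, target_indices, target_aliases,
                 include_aliases=False):
    """Build a restore request body and list what must be resolved first."""
    # System indices (leading '.') hold the old security config, Kibana
    # spaces and similar; the answer above says not to restore them.
    skipped = sorted(i for i in snapshot_indices if i.startswith("."))
    wanted = sorted(i for i in snapshot_indices if not i.startswith("."))

    # A restore fails if the name is already taken by an index or an alias
    # on the target cluster, so report both kinds of clash.
    index_clash = [i for i in wanted if i in set(target_indices)]
    alias_clash = [i for i in wanted if i in set(target_aliases)]
    blocked = set(index_clash) | set(alias_clash)

    body = {
        # Explicit names rather than "*" so no system index slips in.
        "indices": ",".join(i for i in wanted if i not in blocked),
        # Assumption: cluster-wide settings and templates from the source
        # cluster are not wanted on the Search Guard cluster.
        "include_global_state": False,
        "include_aliases": include_aliases,
    }
    return {"body": body, "skipped_system": skipped,
            "index_clash": index_clash, "alias_clash": alias_clash}

# Constructed sample data: index list of a snapshot and state of the target.
SNAPSHOT = [".security-7", ".kibana_1", "logs-2022.01", "metrics", "orders"]
TARGET_INDICES = ["searchguard", "metrics"]
TARGET_ALIASES = ["orders"]

if __name__ == "__main__":
    plan = plan_restore(SNAPSHOT, TARGET_INDICES, TARGET_ALIASES)
    print("Skipping system indices:", plan["skipped_system"])
    print("Resolve first (index exists):", plan["index_clash"])
    print("Resolve first (alias exists):", plan["alias_clash"])
    # <repository> and <snapshot> are placeholders for your own names.
    print("POST /_snapshot/<repository>/<snapshot>/_restore")
    print(json.dumps(plan["body"], indent=2))
```

Users and roles still have to be created afterwards through Search Guard's own configuration, since nothing in the restored data populates the searchguard index.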