openstack/kolla-ansible
Code Issues Proposed changes
a1eec2498a
kolla-ansible/releasenotes/notes/kibana-tls-verify-8bfcb822268ad0d8.yaml
Mark Goddard e91fd969ac Verify TLS by default for Kibana to Elasticsearch 
Currently, if internal TLS communication is enabled, Kibana to
Elasticsearch communication is unverified. This is because we set
elasticsearch.ssl.verificationMode to 'none' by default (via
kibana_elasticsearch_ssl_verify). This is poor a security
posture.

This change changes the default value of
'kibana_elasticsearch_ssl_verify' to 'true'.

Change-Id: Ie4fa8e3a60d69cf5c4bdd975030c92be8113ffb1
Closes-Bug: #1885110
2020-06-25 10:35:18 +01:00

7 lines
195 B
YAML
Raw Blame History

---
upgrade:
- |
Changes the default value of ``kibana_elasticsearch_ssl_verify`` from
``false`` to ``true``. `LP#1885110
<https://bugs.launchpad.net/kolla-ansible/+bug/1885110>`__
View Git Blame Copy Permalink