This is the first of a two-part post on getting Amazon's version of ElasticSearch set up in AWS. Here we go over the basics of setting up an AWS ES cluster; in our next post we tackle supplying the cluster with data via Logstash.
Amazon has taken all the fun (read: difficulty) out of creating an ElasticSearch cluster. Instead of installs, configurations, and server management, we have been relegated to filling out forms and clicking buttons! What a world we live in.
From the AWS console, you can find ‘Elasticsearch Service’ under ‘Analytics’.
At the top of the ES Dashboard is a giant ‘Create New Domain’ button. Do what it says and click!
Enter a name. I used ‘logs’, since that is what we are storing. Then select the latest version of ES.
This is where you can branch out a bit. Select the number of nodes, EC2 instance type, and preferred storage. For this small use case, I just went with the defaults. If you have a lot of data, scale up your storage. For a large user base, you’ll want more than one instance.
Set up Access Policy
Now you are on your own. Will this be public-facing data? Accessible only from your network? From a few IPs? Unfortunately AWS ES, as of this writing, does not have VPC support, so your ability to restrict access depends solely on the access policy you set here. The good news is that Amazon does provide you with a few template options.
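A policy for the "a few IPs" case, together with a check that flags any statement left open to everyone, as an added example that is not from the original post. The region, account ID and IP ranges are constructed placeholders; ‘logs’ is the domain name used above.

```python
import ipaddress
import json


def ip_restricted_policy(region, account_id, domain, cidrs):
    """Build a domain access policy that allows HTTP calls only from `cidrs`."""
    # Parse every entry; a bare address becomes a /32 (or /128 for IPv6).
    nets = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    # An empty list or a /0 range would leave the domain open to the internet.
    if not nets or any(n.prefixlen == 0 for n in nets):
        raise ValueError("need at least one CIDR, and none may be /0")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": "*"},
            "Action": "es:ESHttp*",
            "Resource": f"arn:aws:es:{region}:{account_id}:domain/{domain}/*",
            "Condition": {"IpAddress": {"aws:SourceIp": [str(n) for n in nets]}},
        }],
    }


def open_statements(policy):
    """Return Allow statements that admit any principal with no Condition."""
    stmts = policy.get("Statement", [])
    if isinstance(stmts, dict):  # IAM permits a single statement object
        stmts = [stmts]
    found = []
    for st in stmts:
        p = st.get("Principal")
        anyone = p == "*" or (isinstance(p, dict) and p.get("AWS") in ("*", ["*"]))
        if st.get("Effect") == "Allow" and anyone and not st.get("Condition"):
            found.append(st)
    return found


if __name__ == "__main__":
    # Constructed placeholders: region, account ID and documentation IP ranges.
    policy = ip_restricted_policy("us-east-1", "123456789012", "logs",
                                  ["203.0.113.10", "198.51.100.0/24"])
    print(json.dumps(policy, indent=2))
    print("open statements:", len(open_statements(policy)))
```

Run `open_statements` over the policy JSON before pasting it into the console; an empty list means every Allow statement is scoped by a condition or a specific principal.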
Once you are done, choose ‘Confirm and create’, and you are good to go! Congrats on your new ElasticSearch cluster!
In the next post on this topic we will dive into Logstash setup.
Latest posts by Adam Gerhart
- AWS Logstash Setup - October 4, 2016
- AWS ElasticSearch Setup - September 26, 2016
- Hands-On with Eastwind Networks’ Active Breach Detection - March 17, 2016