SaFi Bank Space : Elasticsearch

Elastic and Google Cloud have partnered to help enterprises of all sizes deploy Elastic Enterprise Search, Observability, and Security on Google Cloud.

It’s the official managed Elasticsearch offering on Google Cloud with exclusive integrations and expert support.

Access Elastic Cloud via Google Cloud Marketplace and create a deployment in any of our multiple regions.

Overview

Benefits of a managed service

Get the latest version and security updates — including exclusive features and access to Elastic Support. Plus, Elastic Cloud grows teh same way as the requirements change over time.

Benefits	Features
Deployments made easy	Deploy globally in minutes Optimized compute, memory, and storage ratios based on the deployment size you select
Security by default	OS hardening and logical separation of discrete containers Data is encrypted by default, whether in motion or in transit Preconfigured secure communications between components and the encryption keys are managed
Hands-free maintenance	Save time while the operating system updates are applied and security patches in the background Save money you would have spent on maintenance and focus on initiatives that drive greater business value
Elastic wears the pager	Service redundancy and resiliency is architected to help prevent against unplanned downtime The data is periodically backed up
Future-proof	Take advantage of the latest features and always be on the current version Benefit from the latest hardware innovations Easily upgrade to a Gold or Platinum subscription for access to additional features

Shared responsibility system

Shared responsibilities:
- At a high level, Elastic is responsible for the security and operation of Elastic Cloud, including the underlying infrastructure and the Elastic software that runs on top of it. You make decisions about your specific configuration, ensuring your deployment size meets your business needs, account and user management, operations such as restoring snapshots, and your data.
Elastic Responsibilities:
- Infrastructure
  - Building out infrastructure on-premise in Amazon Web Services, Google Cloud, and Microsoft Azure, regions and availability zones
  - Optimizing cloud storage and locally attached disk ratios for your deployment
  - Managing availability, so you won’t see insufficient capacity or stock out errors when you create a deployment
  - Applying software updates and security patches to your underlying infrastructure
- Platform and network security
  - Encrypting your cluster data and snapshots and managing your keys
  - Encrypting communications between nodes and components such as Elasticsearch, Kibana, and APM
- Orchestration of the Elastic Stack
  - Ensuring connectivity between components
  - Automatically applying customer’s configuration changes and plugins
  - Applying customer’s specified capacity parameters
  - Taking periodic snapshots (customer sets the cadence, Elastic does the work)
Customer’s responsibilities:
- Operations
  - Giving careful consideration to the sizing requirements of the deployment
  - Deciding when and how a customer wants to restore snapshots
  - Ensuring the health of customer’s configurations, plugins, indexes, and shards
  - Enabling out-of-the-box monitoring and alerting capabilities to ensure the deployment remains healthy
- Security
  - Securing communications between Elastic Cloud and other systems, such as applications, databases, and other cloud services
  - Implementing configurations that adhere to security best practices
  - Applying user- and account-based access rights
- Data
  - Managing the data customer uses in conjunction with the service

Available regions

For Google Cloud Platform:

Taiwan (asia-east1), gcp-asia-east1
Tokyo (asia-northeast1), gcp-asia-northeast1
Seoul (asia-northeast3), gcp-asia-northeast3
Mumbai (asia-south1), gcp-asia-south1
Singapore (asia-southeast1), gcp-asia-southeast1
Sydney (australia-southeast1), gcp-australia-southeast1
Finland (europe-north1), gcp-europe-north1
Belgium (europe-west1), gcp-europe-west1
London (europe-west2), gcp-europe-west2
Frankfurt (europe-west3), gcp-europe-west3
Netherlands (europe-west4), gcp-europe-west4
Montreal (northamerica-northeast1), gcp-northamerica-northeast1
Sao Paulo (southamerica-east1), gcp-southamerica-east1
Iowa (us-central1), gcp-us-central1
South Carolina (us-east1), gcp-us-east1
N. Virginia (us-east4), gcp-us-east4
Oregon (us-west1), gcp-us-west1

In more detailed (deployment templates and instance configurations): see the official documentation.

Elasticsearch Service GCP instance configurations

Google Compute Engine (GCE) N2 general purpose VM types are now available for Elastic Cloud deployments in all supported Google Cloud regions. N2 VMs have a better mix of vCPU, RAM, and internal disk, and are up to 50% more cost effective when compared to N1 VM types.

Deployment choices

Elastic Stack: Choose this option if you’re looking to do something unique or if one of the other preconfigured solutions doesn’t quite fit. Choose from different hardware profile templates, such as the hot-warm architecture profile template, which makes it easy to get started and offers lots of flexibility.
Elastic Enterprise Search: Search everything, anywhere. Elastic App Search provides all the tools you need to design and deploy powerful search experiences for your websites and mobile apps. Elastic Workplace Search gives your teams a unified search experience across all their collaboration, productivity, and storage tools, helping them find whatever they need, wherever it may be.
Elastic Observability: Unify logs, metrics, traces, and more from your ecosystem in a scalable stack that's open and built for speed. Monitor, search, and analyze all of your operational data in a rich UI to quickly resolve issues and consistently deliver exceptional digital experiences.
Elastic Security: Effective cybersecurity requires data at scale — Elastic Security solves for core data and scale problems. Leading security teams use the free and open solution for SIEM, endpoint security, threat hunting, cloud monitoring, and more. An intuitive UI and vast ecosystem of integrations help arm every analyst to succeed.

To better understand the options, read more about how to create your deployment.

Pricing

Usage fee: Usage fee is billed every month
Elastic Billing Units for GCP: USD 0.0001 /unit

If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform Skus apply. Please refer to GCP Price List for the latest pricing.

Cancelation and change policy

Your subscription fee is billed every month.

Final prices in your bill will be set in accordance with your billing setup, and might be subject to exchange rates.

Support

Standard support includes Ticket-based support 2 support contacts

Gold support includes Ticket-based support 6 support contacts SLA-based support Business hours support coverage: Critical: 4 hours L2: 1 day L3: 2 days Unlimited # of incidents

Platinum support includes Ticket-based support 8 support contacts SLA-based support 24/7/365 Support coverage Critical: 1 hour L2: 4 hours L3: 1 day Unlimited # of incidents

Secure deployments on Elastic Cloud with Google Cloud Private Service Connect

The Google Cloud Private Service Connect is officially integrated with Elastic Cloud.

Elastic Cloud VPC connectivity is now available to all customers across all subscription tiers and cloud providers (AWS, Microsoft Azure, and Google Cloud).

Private Service Connect allows you to create private and secure connections from your clients running in your Google Cloud environments to your Elastic Cloud deployment endpoints running on Google Cloud. Private Service Connect provides service endpoints in your virtual private cloud (VPC) that provide private connectivity and policy enforcement, allowing you to easily connect to services like Elastic Cloud. All the traffic remains within the Google network, and it’s easy to set up and scale.

Step-by-Step Google Cloud Private Service Connect configuration

Prerequisite: Obtain a static IP on Google Cloud for assigning to the endpoint.
Step 1: Create a Private Service Connect endpoint using the Elastic Cloud service attachment
- Create a Private Service Connect Endpoint using the service attachment URI for the region your deployment is hosted on in Elastic Cloud.
- Once you create the endpoint, it will be accepted automatically in a few seconds.
Step 2: Create a domain name service (DNS) record for the Private Service Connect endpoint
- Create a private DNS zone using the zone name for the region.
  Add an A name record to resolve to the IP address of the Private Service Connect endpoint, and add your network to the private hosted zone. This will help with accessing the endpoint using a friendly domain name.
Step 3: Configure the necessary information for Elastic Cloud to allow traffic only from the explicitly allowed endpoints.
- Create a traffic filter of type Private Service Connect endpoint using the endpoint ID created in Step 1:
- Associate the traffic filter to one or more deployments
  - You can associate this traffic filter with one or more deployments hosted in the region, and only traffic from explicitly allowed VPC (though the Private Connect endpoints) will be allowed to the respective deployment endpoints.