Remote clusters with Elastic Cloud Hosted

Elastic Cloud Hosted

You can configure an Elastic Cloud Hosted deployment to remotely access or (be accessed by) a cluster from:

• Another Elastic Cloud Hosted deployment of your Elastic Cloud organization, across any region or cloud provider (AWS, GCP, Azure…​)
• An Elastic Cloud Hosted deployment of another Elastic Cloud organization
• A deployment in an Elastic Cloud Enterprise installation
• A deployment in an Elastic Cloud on Kubernetes installation
• A self-managed installation.

To use CCS or CCR, your deployments must meet the following criteria:

• The local and remote clusters must run on compatible versions of Elasticsearch. Review the version compatibility table.

  Version compatibility table

  • Any node can communicate with another node on the same major version. For example, 9.0 can talk to any 9.x node.
  • Version compatibility is symmetric, meaning that if 7.16 can communicate with 8.0, 8.0 can also communicate with 7.16. The following table depicts version compatibility between local and remote nodes.

  	Local cluster
  Remote cluster	5.0–5.5	5.6	6.0–6.6	6.7	6.8	7.0	7.1–7.16	7.17	8.0–9.0
  5.0–5.5
  5.6
  6.0–6.6
  6.7
  6.8
  7.0
  7.1–7.16
  7.17
  8.0–9.0

  Important

  Elastic only supports cross-cluster search on a subset of these configurations. See Supported cross-cluster search configurations.

• If your deployment was created before February 2021, the Remote clusters page in Kibana must be enabled manually from the Security page of your deployment, by selecting Enable CCR under Trust management.

The steps, information, and authentication method required to configure CCS and CCR can vary depending on where the clusters you want to use as remote are hosted.

• Connect remotely to other clusters from your Elastic Cloud Hosted deployments

  • Access other deployments of the same Elastic Cloud organization
  • Access deployments of a different Elastic Cloud organization
  • Access deployments of an Elastic Cloud Enterprise environment
  • Access clusters of a self-managed environment
  • Access deployments of an ECK environment

• Use clusters from your Elastic Cloud Hosted deployments as remote

  • From another deployment of your Elastic Cloud organization
  • From a deployment of another Elastic Cloud organization
  • From an ECE deployment
  • From a self-managed cluster
  • From an ECK environment

For remote clusters configured using TLS certificate authentication, traffic filtering can be enabled to restrict access to deployments that are used as a local or remote cluster without any impact to cross-cluster search or cross-cluster replication.

Traffic filtering for remote clusters supports 2 methods:

• Filtering by IP addresses and Classless Inter-Domain Routing (CIDR) masks
• Filtering by Organization or Elasticsearch cluster ID with a Remote cluster type filter. You can configure this type of filter from the Features > Traffic filters page of your organization or using the Elastic Cloud RESTful API and apply it from each deployment’s Security page.