{"_id":"576da01379f35917002dc0a7","project":"5633ebff7e9e880d00af1a53","version":{"_id":"5633ec007e9e880d00af1a56","project":"5633ebff7e9e880d00af1a53","__v":16,"createdAt":"2015-10-30T22:15:28.105Z","releaseDate":"2015-10-30T22:15:28.105Z","categories":["5633ec007e9e880d00af1a57","5633f072737ea01700ea329d","5637a37d0704070d00f06cf4","5637cf4e7ca5de0d00286aeb","564503082c74cf1900da48b4","564503cb7f1fff210078e70a","567af26cb56bac0d0019d87d","567afeb8802b2b17005ddea0","567aff47802b2b17005ddea1","567b0005802b2b17005ddea3","568adfffcbd4ca0d00aebf7e","56ba80078cf7c9210009673e","574d127f6f075519007da3d0","574fde60aef76a0e00840927","57a22ba6cd51b22d00f623a0","5a062c15a66ae1001a3f5b09"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"category":{"_id":"567b0005802b2b17005ddea3","pages":["567b001117368a0d009a6e10","567b00307c40060d005603e7","567b039a7c40060d005603ec"],"project":"5633ebff7e9e880d00af1a53","version":"5633ec007e9e880d00af1a56","__v":3,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-12-23T20:11:49.377Z","from_sync":false,"order":2,"slug":"best-practices","title":"Best Practices & Tools"},"parentDoc":null,"__v":62,"user":"5633ec9b35355017003ca3f2","updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-06-24T21:03:15.006Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":6,"body":"When you provision a cluster with Bonsai you receive a full-access URL. It looks something like this:\n\n    https://wy1wr3ny3:own34scots:::at:::production-app-1234.us-east-1.bonsai.io\n\nA lot of those pieces in the URL will be no-brainers for some, and brand new for others. We've explained each piece below.\n\n## Protocol\n\n_**https**:// wy1wr3ny3:own34scots @ production-app-1234 .us-east-1.bonsai.io_\n\nSecure Hypertext Transfer Protocol. Your requests to and from the Elasticsearch API are secured with recent versions of TLS.\n\n## Username and Password\n\n_https:// ​**wy1wr3ny3:own34scots** ​@ production-app-1234 .us-east-1.bonsai.io_\n\nThese credentials are your username and password. It's the most sensitive information in your URL. You should treat them like any API key: keep them secure and never, *ever* keep them in public locations, pushed to Github repos, or copied and pasted in third-party services. If you ever accidentally do this, we *strongly* recommend that you rotate your credentials immediately.\n\n## Hostname\n\n_https:// wy1wr3ny3:own34scots @ **production-app-1234.us-east-1.bonsai.io**_\n\nThe unique identifier of you cluster that our systems and support engineers use to identify your cluster. When we ask you to confirm your cluster hostname in support, this is the most important piece of information.\n\n## Region\n\n_https:// wy1wr3ny3:own34scots @ production-app-1234.**us-east-1.bonsai.io**_\n\nThe region your cluster lives in. This is us-east-1, which means this cluster is in the Virginia region. We have others, like us-west-2, eu-west-1, etc. These generally correspond to AWS region identifiers.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Where do I find my cluster URL?\"\n}\n[/block]\nBoth direct and Heroku accounts can find your cluster URL by opening up your cluster dashboard.\n\nIf you're a direct customer, open up your dashboard and find your URL in the 'Manage' tab:\n\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/vJch6hgGRoSOxypVNfVw_Screen%20Shot%202016-06-27%20at%204.50.04%20PM.png\",\n        \"Screen Shot 2016-06-27 at 4.50.04 PM.png\",\n        \"2560\",\n        \"1320\",\n        \"#1a5d84\",\n        \"\"\n      ]\n    }\n  ]\n}\n[/block]\nFor Heroku users, it's located on the first tab when you open your dashboard, under 'Overview':\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/e6WG7iw1Sy3whZUlYyqg_Screen%20Shot%202016-06-27%20at%204.49.11%20PM.png\",\n        \"Screen Shot 2016-06-27 at 4.49.11 PM.png\",\n        \"2560\",\n        \"1206\",\n        \"#04a494\",\n        \"\"\n      ]\n    }\n  ]\n}\n[/block]\nHeroku users can also access their cluster url by using the Heroku CLI tool:\n\n```\n$ heroku config:get BONSAI_URL\n  -----> https://wy1wr3ny3:own34scots@production-app-1234.us-east-1.bonsai.io\n```\n\n_Not sure how to open your Heroku dashboard? See [The Dashboard](doc:bonsai-elasticsearch-dashboard) for help._ \n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Rotating your URL credentials\"\n}\n[/block]\nDoing a security audit, or perhaps you've accidentally made your cluster URL insecure by copying and pasting it somewhere - either in a third-party service or public repo? No worries! You can rotate your credentials easily with Bonsai.\n\n## Regenerate Credentials\n\nLog into your cluster dashboard and navigate to `Access`. Clicking `Regenerate Credentials` will rotate your username and password for full-access API actions to your cluster.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/T28R5XgtRoKtc201yAQ9_Screen%20Shot%202016-06-27%20at%204.56.18%20PM.png\",\n        \"Screen Shot 2016-06-27 at 4.56.18 PM.png\",\n        \"2560\",\n        \"1312\",\n        \"#154e70\",\n        \"\"\n      ]\n    }\n  ]\n}\n[/block]\n\n[block:callout]\n{\n  \"type\": \"danger\",\n  \"body\": \"Regenerating cluster credentials is instantaneous, which means that your old credentials will cease to work as soon as the new credentials are created. You will need to update your client configuration with the new credentials before it can talk to the cluster again.\\n\\nAny request which comes through between the time you click this button and the time the client is updated will result in a 401 Authorization Required error. If you are in development or staging, this is probably not an issue. However, if you're in production, you should strongly consider waiting until you're off peak hours, or scheduling a maintenance window before taking this action.\"\n}\n[/block]","excerpt":"Everything you need to know about the URL's you're given when you signup with Bonsai.","slug":"managing-your-cluster-url-and-credentials","type":"basic","title":"Managing your Cluster URL and Credentials"}

Managing your Cluster URL and Credentials

Everything you need to know about the URL's you're given when you signup with Bonsai.

When you provision a cluster with Bonsai you receive a full-access URL. It looks something like this: https://wy1wr3ny3:own34scots@production-app-1234.us-east-1.bonsai.io A lot of those pieces in the URL will be no-brainers for some, and brand new for others. We've explained each piece below. ## Protocol _**https**:// wy1wr3ny3:own34scots @ production-app-1234 .us-east-1.bonsai.io_ Secure Hypertext Transfer Protocol. Your requests to and from the Elasticsearch API are secured with recent versions of TLS. ## Username and Password _https:// ​**wy1wr3ny3:own34scots** ​@ production-app-1234 .us-east-1.bonsai.io_ These credentials are your username and password. It's the most sensitive information in your URL. You should treat them like any API key: keep them secure and never, *ever* keep them in public locations, pushed to Github repos, or copied and pasted in third-party services. If you ever accidentally do this, we *strongly* recommend that you rotate your credentials immediately. ## Hostname _https:// wy1wr3ny3:own34scots @ **production-app-1234.us-east-1.bonsai.io**_ The unique identifier of you cluster that our systems and support engineers use to identify your cluster. When we ask you to confirm your cluster hostname in support, this is the most important piece of information. ## Region _https:// wy1wr3ny3:own34scots @ production-app-1234.**us-east-1.bonsai.io**_ The region your cluster lives in. This is us-east-1, which means this cluster is in the Virginia region. We have others, like us-west-2, eu-west-1, etc. These generally correspond to AWS region identifiers. [block:api-header] { "type": "basic", "title": "Where do I find my cluster URL?" } [/block] Both direct and Heroku accounts can find your cluster URL by opening up your cluster dashboard. If you're a direct customer, open up your dashboard and find your URL in the 'Manage' tab: [block:image] { "images": [ { "image": [ "https://files.readme.io/vJch6hgGRoSOxypVNfVw_Screen%20Shot%202016-06-27%20at%204.50.04%20PM.png", "Screen Shot 2016-06-27 at 4.50.04 PM.png", "2560", "1320", "#1a5d84", "" ] } ] } [/block] For Heroku users, it's located on the first tab when you open your dashboard, under 'Overview': [block:image] { "images": [ { "image": [ "https://files.readme.io/e6WG7iw1Sy3whZUlYyqg_Screen%20Shot%202016-06-27%20at%204.49.11%20PM.png", "Screen Shot 2016-06-27 at 4.49.11 PM.png", "2560", "1206", "#04a494", "" ] } ] } [/block] Heroku users can also access their cluster url by using the Heroku CLI tool: ``` $ heroku config:get BONSAI_URL -----> https://wy1wr3ny3:own34scots@production-app-1234.us-east-1.bonsai.io ``` _Not sure how to open your Heroku dashboard? See [The Dashboard](doc:bonsai-elasticsearch-dashboard) for help._ [block:api-header] { "type": "basic", "title": "Rotating your URL credentials" } [/block] Doing a security audit, or perhaps you've accidentally made your cluster URL insecure by copying and pasting it somewhere - either in a third-party service or public repo? No worries! You can rotate your credentials easily with Bonsai. ## Regenerate Credentials Log into your cluster dashboard and navigate to `Access`. Clicking `Regenerate Credentials` will rotate your username and password for full-access API actions to your cluster. [block:image] { "images": [ { "image": [ "https://files.readme.io/T28R5XgtRoKtc201yAQ9_Screen%20Shot%202016-06-27%20at%204.56.18%20PM.png", "Screen Shot 2016-06-27 at 4.56.18 PM.png", "2560", "1312", "#154e70", "" ] } ] } [/block] [block:callout] { "type": "danger", "body": "Regenerating cluster credentials is instantaneous, which means that your old credentials will cease to work as soon as the new credentials are created. You will need to update your client configuration with the new credentials before it can talk to the cluster again.\n\nAny request which comes through between the time you click this button and the time the client is updated will result in a 401 Authorization Required error. If you are in development or staging, this is probably not an issue. However, if you're in production, you should strongly consider waiting until you're off peak hours, or scheduling a maintenance window before taking this action." } [/block]