Security for Elasticsearch is Now Free

20 May 2019

Contact information

Deborah Wiltshire

Elastic Corporate Communications

KubeCon and CloudNativeCon, Barcelona - 20 May 2019 -

Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack announced that the core security features of the Elastic Stack are now free. This means that users can now encrypt network traffic, create and manage users, define roles that protect index and cluster level access, and fully secure Kibana with Spaces. This is an exciting next step for our community. We opened the code of these features (and many more) last year and by making them free today, everyone can now run a fully secure cluster, hassle-free.

Security is free, starting in versions 6.8.0 and 7.1.0

For a change this important, we wanted to make sure that it was available to as many people as possible, so today we are releasing versions 6.8.0 and 7.1.0 of the Elastic Stack. These versions do not contain new features; they simply make the following core security features free in the default distribution of the Elastic Stack:

  • TLS for encrypted communications
  • File and native realm for creating and managing users
  • Role-based access control for controlling user access to cluster APIs and indexes; also allows multi-tenancy for Kibana with security for Kibana Spaces

Previously, these core security features required a paid Gold subscription. Now they are free as a part of the Basic tier. Note that our advanced security features — from single sign-on and Active Directory/LDAP authentication to field- and document-level security — remain paid features. See the full feature matrix for details.

As always, these releases are available immediately on Elasticsearch Service on Elastic Cloud, the official hosted Elasticsearch.

But wait, there’s more … heya Kubernetes

We are announcing this change in conjunction with the announcement and alpha release of Elastic Cloud on Kubernetes (ECK), the official Kubernetes Operator for Elasticsearch and Kibana. ECK is designed to automate and simplify how Elasticsearch is deployed and operated in Kubernetes.

Security is an integral part of cluster operations, especially in shared and multi-tenant environments like Kubernetes. By moving the core security features into the default distribution of Elastic Stack, we can ensure that all clusters launched and managed by ECK are secured by default at creation time, without any additional burden on the admins. This experience also lines up well with the secure-by-default experience that users have always had on our Elasticsearch Service on Elastic Cloud.

Upgrade and get started

To get started, download and install the latest version of the Elastic Stack, or upgrade clusters to either 6.8 or 7.1.

To simplify the getting started journey, we have some great material:

Or, accelerate learning and go deeper into Elasticsearch Security with this new on-demand Fundamentals of Securing Elasticsearch course, which is available for free for a limited time (regularly $200).

Learn More

About Elastic

Elastic is a search company. As the creators of the Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash), Elastic builds self-managed and SaaS offerings that make data usable in real time and at scale for use cases like application search, site search, enterprise search, logging, APM, metrics, security, business analytics, and many more.

Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.