Product

Security for Elasticsearch is now free

We are thrilled to announce that the core security features of the Elastic Stack are now free. This means that users can now encrypt network traffic, create and manage users, define roles that protect index and cluster level access, and fully secure Kibana with Spaces. This is an exciting next step for our community. We opened the code of these features (and many more) last year and by making them free today, everyone can now run a fully secure cluster, hassle free.

Security is free, starting in versions 6.8.0 and 7.1.0

For a change this important, we wanted to make sure that it was available to as many people as possible, so today we are releasing versions 6.8.0 and 7.1.0 of the Elastic Stack. These versions do not contain new features; they simply make the following core security features free in the default distribution of the Elastic Stack:

  • TLS for encrypted communications
  • File and native realm for creating and managing users
  • Role-based access control for controlling user access to cluster APIs and indexes; also allows multi-tenancy for Kibana with security for Kibana Spaces

Previously, these core security features required a paid Gold subscription. Now they are free as a part of the Basic tier. Note that our advanced security features — from single sign-on and Active Directory/LDAP authentication to field- and document-level security — remain paid features. See the full feature matrix for details.

As always, these releases are available immediately on Elasticsearch Service on Elastic Cloud, the official hosted Elasticsearch.

But wait, there’s more … heya Kubernetes

We are announcing this change in conjunction with the announcement and alpha release of Elastic Cloud on Kubernetes (ECK), the official Kubernetes Operator for Elasticsearch and Kibana. ECK is designed to automate and simplify how Elasticsearch is deployed and operated in Kubernetes.

Security is an integral part of cluster operations, especially in shared and multi-tenant environments like Kubernetes. By moving the core security features into the default distribution of Elastic Stack, we can ensure that all clusters launched and managed by ECK are secured by default at creation time, without any additional burden on the admins. This experience also lines up well with the secure-by-default experience that users have always had on our Elasticsearch Service on Elastic Cloud.

Upgrade and get started

To get started, download and install the latest version of the Elastic Stack, or upgrade your clusters to either 6.8 or 7.1.

To simplify your getting started journey, we have some great material to get you started: