The Elastic Stack security features enable you to easily secure a cluster. With security, you can password-protect your data as well as implement more advanced security measures such as encrypting communications, role-based access control, IP filtering, and auditing. For more information, see Securing Elasticsearch and Kibana and Configuring Security in Kibana.


You can create and manage users on the Management / Security / Users page. You can also change their passwords and roles. For more information about authentication and built-in users, see Setting up user authentication.


You can manage roles on the Management / Security / Roles page, or use Kibana’s Kibana Role Management API. For more information on configuring roles for Kibana see Kibana Authorization.

For a more holistic overview of configuring roles for the entire stack, see Configuring role-based access control.

Managing roles that grant Kibana privileges using the Elasticsearch role management APIs is not supported. Doing so will likely cause Kibana’s authorization to behave unexpectedly.