The Elastic Stack security features enable you to easily secure a cluster. With security, you can password-protect your data as well as implement more advanced security measures such as encrypting communications, role-based access control, IP filtering, and auditing. For more information, see Secure a cluster and Configuring Security in Kibana.


You can create and manage users on the Management / Security / Users page. You can also change their passwords and roles. For more information about authentication and built-in users, see User authentication.


You can manage roles on the Management / Security / Roles page, or use Kibana’s Kibana Role Management API. For more information on configuring roles for Kibana see Kibana Authorization.

For a more holistic overview of configuring roles for the entire stack, see User authorization.

Managing roles that grant Kibana privileges using the Elasticsearch role management APIs is not supported. Doing so will likely cause Kibana’s authorization to behave unexpectedly.