The Elastic Stack security features enable you to easily secure a cluster. With security, you can password-protect your data as well as implement more advanced security measures such as encrypting communications, role-based access control, IP filtering, and auditing. For more information, see Securing Elasticsearch and Kibana and Configuring Security in Kibana.


You can create and manage users on the Management → Security → Users page. You can also change their passwords and roles. For more information about authentication and built-in users, see Setting up user authentication.


You can manage roles on the Management → Security → Roles page, or use the Kibana role management APIs. For more information on configuring roles for Kibana, see Granting access to Kibana.

For a more holistic overview of configuring roles for the entire stack, see Configuring role-based access control.


Managing roles that grant Kibana privileges using the Elasticsearch role management APIs is not supported. Doing so will likely cause Kibana’s authorization to behave unexpectedly.