[role="xpack"]
[[xpack-security]]
== Security

The {stack} {security-features} enable you to easily secure a cluster. With
security, you can
password-protect your data as well as implement more advanced security measures
such as encrypting communications, role-based access control, IP filtering, and
auditing. For more information, see
{ref}/secure-cluster.html[Secure a cluster] and
<<using-kibana-with-security,Configuring Security in {kib}>>.

[float]
=== Users

You can create and manage users on the *Management -> Security -> Users* page.
You can also change their passwords and roles. For more information about
authentication and built-in users, see
{ref}/setting-up-authentication.html[Setting up user authentication].

[float]
=== Roles

You can manage roles on the *Management -> Security -> Roles* page, or use
the <<role-management-api>>. For more information on configuring roles for {kib}, see <<xpack-security-authorization, Granting access to {kib}>>.

For a more holistic overview of configuring roles for the entire stack,
see {ref}/authorization.html[User authorization].

[NOTE]
============================================================================
Managing roles that grant <<kibana-privileges>> using the {es} 
{ref}/security-api.html#security-role-apis[role management APIs] is not supported. Doing so will likely
cause Kibana's authorization to behave unexpectedly.
============================================================================

include::authorization/index.asciidoc[]
include::authorization/kibana-privileges.asciidoc[]
include::api-keys/index.asciidoc[]
include::role-mappings/index.asciidoc[]
include::rbac_tutorial.asciidoc[]