Is strictly needed Shield at ElasticSearch to have Kibana on a different server?

Question

I am trying to set up Kibana at production, and in order to do so, I have Kibana on a different server that my ElasticSearch node... however, I read that in order to have that config (that is indeed needed for production), I need to install on my ElasticSearch the Shield plugin, and authenticate Kibana using it.

Problem is that ElasticSearch is on a SaaS install, on cloud, on IBM Bluemix Compose, and they don't support the use of Shield at Compose, and the only authentication that Compose ElasticSearch has is basic HTTP authentication.

Do you known if Shield at ElasticSearch is strictly needed to have Kibana running ? I do not see any other opption, and not sure about if it will possible to have any other alternative to get Kibana running!

Answer 1

If you're using the latest version of Elasticsearch which is 5.0, Sheild has been deprecated in it and instead of that you can go on and use X-Pack which has security module built in. But as far as I know it's not a must to have either Shield or X-Pack to have Kibana up and running on a different server. You just to have make sure that server.host points to the server you're running Kibana on and elasticsearch.url should point where your ES instance is running. Basically X-Pack Security (aka Shield) is being used to give privileges for accessibility for different kind of users.

Maybe you could have a look at Kibana and Security. Hope it helps!