Kibana second instance on a different domain - best practices?

Hey All,
I have 1 Elasticsearch cluster (version 7.6.x) that is connected to Kibana (2 nodes behind a load balancer).
I would like to create another Kibana instance on a different domain. So users from that other domain can access dashboards and visualisations, and manage their own users in the second domain.
What is the best approach? best practices?
Any known issues? Things to be aware of? Limitations?

Thank you! :small_airplane:

By domain do you mean URL, or auth domain?

Not sure what you mean.
So current users can log in either with local domain or as local users.
user@domain.com or user
admin@domain.com or admin

I want to add another user group from a different domain.

user@new_domain.com

Righto, so auth domain.

You will need to make sure that it's setup in Elasticsearch. I'm not sure if there are other considerations.

Assuming you are using Elasticsearch native security, then there is only a single security domain. You cannot segregate users in that way within a single Elasticsearch instance.

If you really want that level of separation you need to run multiple separate clusters.

1 Like

Yes, using elastic security solution.
So users will have to be managed as internal users only?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.