Why does kibana.yml need a user to be given, when Kibana already gets the credentials from the UI prompt?

This is a simple question, but I could not find answers on the internet. Also, I'm a beginner with ELK.

I know that security (X-Pack) is free from version 6.8 onwards, and I'm trying to use that feature. But I'm a bit confused about why we need to give a username and password in kibana.yml (or as env variables), as we need to give credentials anyway when the Kibana UI prompts for them.

Can't Kibana use only the credentials we give (in the UI) to access Elasticsearch? Why do we give credentials twice (once in kibana.yml and again in the Kibana UI)? How does Kibana make use of these credentials?

I know I'm missing something, but it would be nice if you guys could explain it.

Thanks.

The credentials that you set in kibana.yml are the credentials for the internal Kibana user, normally kibana_system, as specified in the documentation for creating the built-in users.

The credentials that you use in the UI to log in to Kibana are the user credentials that you will create for your users.

Those credentials are not the same; they should be different for security reasons.

2 Likes

Welcome Raj,

Also make sure you check out how to store the password in the Kibana keystore, so you don't have to put it in cleartext in kibana.yml.

https://www.elastic.co/guide/en/kibana/current/secure-settings.html

Grtz

Willem

1 Like
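
The two points from the answers above (kibana.yml holds a dedicated built-in service account, and its password should not sit there in cleartext) can be checked mechanically. The script below is an added example, not part of the thread or of Elastic's tooling: the function names are hypothetical, the sample file is constructed, and it assumes flat dotted keys, `${VAR}` environment substitution, and that `kibana` is the older name of the built-in user.

```shell
#!/bin/sh
# Added example (not from the thread): audit how kibana.yml supplies the
# Elasticsearch service credentials. Assumes flat dotted keys, not nested YAML.

# Print the value of one setting, minus quotes and trailing comment.
kibana_setting() {  # $1 = file, $2 = key as a regex
    sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/[[:space:]]\{1,\}#.*$//' -e 's/[[:space:]]*$//' \
            -e "s/^[\"']//" -e "s/[\"']\$//"
}

# Print findings; return 1 when the password sits in the file in cleartext.
audit_kibana_yml() {  # $1 = path to kibana.yml
    user=$(kibana_setting "$1" 'elasticsearch\.username')
    pass=$(kibana_setting "$1" 'elasticsearch\.password')
    rc=0
    case "$user" in
        kibana_system|kibana)
            echo "OK: service account is the built-in user '$user'" ;;
        '') echo "INFO: elasticsearch.username is not set in this file" ;;
        *)  echo "WARN: '$user' is not a built-in Kibana user; keep UI logins out of kibana.yml" ;;
    esac
    case "$pass" in
        '')       echo "OK: no elasticsearch.password in the file" ;;
        '${'*'}') echo "OK: elasticsearch.password is read from the environment" ;;
        *)  echo "FAIL: cleartext elasticsearch.password; run: bin/kibana-keystore add elasticsearch.password"
            rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample input: the cleartext layout the thread advises against.
sample=$(mktemp)
cat > "$sample" <<'EOF'
elasticsearch.hosts: ["https://es.example.internal:9200"]
elasticsearch.username: "kibana_system"
elasticsearch.password: "constructed-not-a-real-secret"   # cleartext
EOF
audit_kibana_yml "$sample" || true
rm -f "$sample"
```

After moving the password into the keystore, delete the `elasticsearch.password` line from kibana.yml so the audit reports no password in the file.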