Production setup for ELK stack with open distro

Hi Guys
I am setting up development env at the moment with SSL and SAML backend security.
I know elastic comes with lots of default demo mapping and security files but how this setup should be done for production ready application .

Based on this I wanted to understand following.

  1. What are the roles of other yml files like role.yml role_mapping.yml etc inside security config folder and how and what are recommended setup for this?

  2. What is recommendation around logstash communication with open distro elastic because we will need to authenticate when logstash communicate with elastic and we need to provide credentials etc, but is the best and correct way of doing this for production.

  3. Same like point 2 but for elastic and Kibana communication for production setup.

I am new to this and just trying to understand overall setup recommendation for ELK stack with open distro security for production.