Get roles

GET /_security/role

Get roles in the native realm. The role management APIs are generally the preferred way to manage roles, rather than using file-based role management. The get roles API cannot retrieve roles that are defined in roles files.

Responses

200 application/json
Hide response attribute Show response attribute object
- * object Additional properties
  
  Additional properties are allowed.
  
  Hide * attributes Show * attributes object
  
  cluster array[string] Required
  
  indices array[object] Required
  
  Hide indices attributes Show indices attributes object
  
  field_security object
  
  Additional properties are allowed.
  
  Hide field_security attributes Show field_security attributes object
  
  except string | array[string]
  
  grant string | array[string]
  
  names string | array[string]
  
  A list of indices (or index name patterns) to which the permissions in this entry apply.
  
  One of:
  _types:IndexName string array-2 array[string]
  
  privileges array[string] Required
  
  The index level privileges that owners of the role have on the specified indices.
  
  query string | object
  
  While creating or updating a role you can provide either a JSON structure or a string to the API. However, the response provided by Elasticsearch will only be string with a json-as-text content.
  
  Since this is embedded in IndicesPrivileges, the same structure is used for clarity in both contexts.
  
  One of:
  _types:IndicesPrivilegesQuery string query_dsl:QueryContainer object _types:RoleTemplateQuery object
  
  An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
  
  Additional properties are allowed.
  
  External documentation
  
  metadata object Required
  
  Hide metadata attribute Show metadata attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  description string
  
  run_as array[string]
  
  transient_metadata object
  
  Hide transient_metadata attribute Show transient_metadata attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  applications array[object] Required
  
  Hide applications attributes Show applications attributes object
  
  application string Required
  
  The name of the application to which this entry applies.
  
  privileges array[string] Required
  
  A list of strings, where each element is the name of an application privilege or action.
  
  resources array[string] Required
  
  A list resources to which the privileges are applied.
  
  role_templates array[object]
  
  Hide role_templates attributes Show role_templates attributes object
  
  format string
  
  Values are string or json.
  
  template object Required
  
  Additional properties are allowed.
  
  Hide template attributes Show template attributes object
  
  source string
  
  The script source.
  
  id string
  
  params object
  
  Specifies any named parameters that are passed into the script as variables. Use parameters instead of hard-coded values to decrease compile time.
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  lang string
  
  Any of:
  _types:ScriptLanguage string _types:ScriptLanguage string
  
  Values are painless, expression, mustache, or java.
  
  options object
  
  Hide options attribute Show options attribute object
  
  * string Additional properties
  
  global object
  
  Hide global attribute Show global attribute object
  
  * object Additional properties
  
  Hide * attribute Show * attribute object
  
  * object Additional properties
  
  Hide * attribute Show * attribute object
  
  * array[string] Additional properties

GET /_security/role

curl \
 --request GET http://api.example.com/_security/role \
 --header "Authorization: $API_KEY"

Get roles

Responses

names string | array[string]

query string | object

lang string