Put enrich policy API

Creates an enrich policy.

PUT /_enrich/policy/my-policy
{
    "match": {
        "indices": "users",
        "match_field": "email",
        "enrich_fields": ["first_name", "last_name", "city", "zip", "state"]
    }
}

Request

PUT /_enrich/policy/<enrich-policy>

Prerequisites

If you use Elasticsearch security features, you must have:

  • read index privileges for any indices used
  • The enrich_user built-in role

Description

Use the put enrich policy API to create a new enrich policy.

Once created, you can’t update or change an enrich policy. Instead, you can:

  1. Create and execute a new enrich policy.
  2. Replace the previous enrich policy with the new enrich policy in any in-use enrich processors.
  3. Use the delete enrich policy API to delete the previous enrich policy.

Path parameters

<enrich-policy>
(Required, string) Enrich policy name used to limit the request.

Request body

<policy-type>

(Required, enrich policy object) Enrich policy used to match and add the right enrich data to the right incoming documents.

See Enrich policy definition for object definition and parameters.