Home Explore Help
Register Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: b499ff745a
Branches Tags
elasticsearch
/
docs
/
reference
/
rest-api
/
security
/
get-builtin-privileges.asciidoc

get-builtin-privileges.asciidoc 4.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166 
  1. 

  2. [role="xpack"]
    3. 

  3. [[security-api-get-builtin-privileges]]
    4. 

  4. === Get builtin privileges API
    5. 

  5. ++++
    6. 

  6. <titleabbrev>Get builtin privileges</titleabbrev>
    7. 

  7. ++++
    8. 

  8. 

  9. .New API reference
    10. 

  10. [sidebar]
    11. 

  11. --
    12. 

  12. For the most up-to-date API details, refer to {api-es}/group/endpoint-security[Security APIs].
    13. 

  13. --
    14. 

  14. 

  15. Retrieves the list of <<privileges-list-cluster,cluster privileges>> and
    16. 

  16. <<privileges-list-indices,index privileges>> that are
    17. 

  17. available in this version of {es}.
    18. 

  18. 

  19. [[security-api-get-builtin-privileges-request]]
    20. 

  20. ==== {api-request-title}
    21. 

  21. 

  22. `GET /_security/privilege/_builtin`
    23. 

  23. 

  24. 

  25. [[security-api-get-builtin-privileges-prereqs]]
    26. 

  26. ==== {api-prereq-title}
    27. 

  27. 

  28. * To use this API, you must have the `read_security` cluster privilege
    29. 

  29. (or a greater privilege such as `manage_security` or `all`).
    30. 

  30. 

  31. [[security-api-get-builtin-privileges-desc]]
    32. 

  32. ==== {api-description-title}
    33. 

  33. 

  34. This API retrieves the set of cluster and index privilege names that are
    35. 

  35. available in the version of {es} that is being queried.
    36. 

  36. 

  37. To check whether a user has particular privileges, use the
    38. 

  38. <<security-api-has-privileges,has privileges API>>.
    39. 

  39. 

  40. 

  41. [[security-api-get-builtin-privileges-response-body]]
    42. 

  42. ==== {api-response-body-title}
    43. 

  43. 

  44. The response is an object with two fields:
    45. 

  45. 

  46. `cluster`:: (array of string) The list of
    47. 

  47. <<privileges-list-cluster,cluster privileges>> that are understood by this
    48. 

  48. version of {es}.
    49. 

  49. 

  50. `index`:: (array of string) The list of
    51. 

  51. <<privileges-list-indices,index privileges>> that are understood by this version
    52. 

  52. of {es}.
    53. 

  53. 

  54. `remote_cluster`:: (array of string) The list of
    55. 

  55. <<roles-remote-cluster-priv, remote_cluster>> privileges that are understood by this version
    56. 

  56. of {es}.
    57. 

  57. 

  58. [[security-api-get-builtin-privileges-example]]
    59. 

  59. ==== {api-examples-title}
    60. 

  60. 

  61. The following example retrieves the names of all builtin privileges:
    62. 

  62. 

  63. [source,console]
    64. 

  64. --------------------------------------------------
    65. 

  65. GET /_security/privilege/_builtin
    66. 

  66. --------------------------------------------------
    67. 

  67. 

  68. A successful call returns an object with "cluster", "index", and "remote_cluster" fields.
    69. 

  69. 

  70. [source,console-result]
    71. 

  71. --------------------------------------------------
    72. 

  72. {
    73. 

  73.   "cluster" : [
    74. 

  74.     "all",
    75. 

  75.     "cancel_task",
    76. 

  76.     "create_snapshot",
    77. 

  77.     "cross_cluster_replication",
    78. 

  78.     "cross_cluster_search",
    79. 

  79.     "delegate_pki",
    80. 

  80.     "grant_api_key",
    81. 

  81.     "manage",
    82. 

  82.     "manage_api_key",
    83. 

  83.     "manage_autoscaling",
    84. 

  84.     "manage_behavioral_analytics",
    85. 

  85.     "manage_ccr",
    86. 

  86.     "manage_connector",
    87. 

  87.     "manage_data_frame_transforms",
    88. 

  88.     "manage_data_stream_global_retention",
    89. 

  89.     "manage_enrich",
    90. 

  90.     "manage_ilm",
    91. 

  91.     "manage_index_templates",
    92. 

  92.     "manage_inference",
    93. 

  93.     "manage_ingest_pipelines",
    94. 

  94.     "manage_logstash_pipelines",
    95. 

  95.     "manage_ml",
    96. 

  96.     "manage_oidc",
    97. 

  97.     "manage_own_api_key",
    98. 

  98.     "manage_pipeline",
    99. 

  99.     "manage_rollup",
    100. 

  100.     "manage_saml",
    101. 

  101.     "manage_search_application",
    102. 

  102.     "manage_search_query_rules",
    103. 

  103.     "manage_search_synonyms",
    104. 

  104.     "manage_security",
    105. 

  105.     "manage_service_account",
    106. 

  106.     "manage_slm",
    107. 

  107.     "manage_token",
    108. 

  108.     "manage_transform",
    109. 

  109.     "manage_user_profile",
    110. 

  110.     "manage_watcher",
    111. 

  111.     "monitor",
    112. 

  112.     "monitor_connector",
    113. 

  113.     "monitor_data_frame_transforms",
    114. 

  114.     "monitor_data_stream_global_retention",
    115. 

  115.     "monitor_enrich",
    116. 

  116.     "monitor_inference",
    117. 

  117.     "monitor_ml",
    118. 

  118.     "monitor_rollup",
    119. 

  119.     "monitor_snapshot",
    120. 

  120.     "monitor_stats",
    121. 

  121.     "monitor_text_structure",
    122. 

  122.     "monitor_transform",
    123. 

  123.     "monitor_watcher",
    124. 

  124.     "none",
    125. 

  125.     "post_behavioral_analytics_event",
    126. 

  126.     "read_ccr",
    127. 

  127.     "read_connector_secrets",
    128. 

  128.     "read_fleet_secrets",
    129. 

  129.     "read_ilm",
    130. 

  130.     "read_pipeline",
    131. 

  131.     "read_security",
    132. 

  132.     "read_slm",
    133. 

  133.     "transport_client",
    134. 

  134.     "write_connector_secrets",
    135. 

  135.     "write_fleet_secrets"
    136. 

  136.   ],
    137. 

  137.   "index" : [
    138. 

  138.     "all",
    139. 

  139.     "auto_configure",
    140. 

  140.     "create",
    141. 

  141.     "create_doc",
    142. 

  142.     "create_index",
    143. 

  143.     "cross_cluster_replication",
    144. 

  144.     "cross_cluster_replication_internal",
    145. 

  145.     "delete",
    146. 

  146.     "delete_index",
    147. 

  147.     "index",
    148. 

  148.     "maintenance",
    149. 

  149.     "manage",
    150. 

  150.     "manage_data_stream_lifecycle",
    151. 

  151.     "manage_follow_index",
    152. 

  152.     "manage_ilm",
    153. 

  153.     "manage_leader_index",
    154. 

  154.     "monitor",
    155. 

  155.     "none",
    156. 

  156.     "read",
    157. 

  157.     "read_cross_cluster",
    158. 

  158.     "view_index_metadata",
    159. 

  159.     "write"
    160. 

  160.   ],
    161. 

  161.   "remote_cluster" : [
    162. 

  162.     "monitor_enrich",
    163. 

  163.     "monitor_stats"
    164. 

  164.   ]
    165. 

  165. }
    166. 

  166. --------------------------------------------------
    167.