Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: dfaec0dbf0
Branches Tags
elasticsearch
/
docs
/
reference
/
rest-api
/
security
/
get-roles.asciidoc

get-roles.asciidoc 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 
  1. [role="xpack"]
    2. 

  2. [[security-api-get-role]]
    3. 

  3. === Get roles API
    4. 

  4. ++++
    5. 

  5. <titleabbrev>Get roles</titleabbrev>
    6. 

  6. ++++
    7. 

  7. 

  8. Retrieves roles in the native realm.
    9. 

  9. 

  10. [[security-api-get-role-request]]
    11. 

  11. ==== {api-request-title}
    12. 

  12. 

  13. `GET /_security/role` +
    14. 

  14. 

  15. `GET /_security/role/<name>` +
    16. 

  16. 

  17. [[security-api-get-role-prereqs]]
    18. 

  18. ==== {api-prereq-title}
    19. 

  19. 

  20. * To use this API, you must have at least the `read_security` cluster privilege.
    21. 

  21. 

  22. [[security-api-get-role-desc]]
    23. 

  23. ==== {api-description-title}
    24. 

  24. 

  25. The role management APIs are generally the preferred way to manage roles, rather than using
    26. 

  26. <<roles-management-file,file-based role management>>. The get roles
    27. 

  27. API cannot retrieve roles that are defined in roles files.
    28. 

  28. 

  29. [[security-api-get-role-path-params]]
    30. 

  30. ==== {api-path-parms-title}
    31. 

  31. 

  32. `name`::
    33. 

  33.   (Optional, string) The name of the role. You can specify multiple roles as a
    34. 

  34.   comma-separated list. If you do not specify this parameter, the API
    35. 

  35.   returns information about all roles.
    36. 

  36. 

  37. [[security-api-get-role-response-body]]
    38. 

  38. ==== {api-response-body-title}
    39. 

  39. 

  40. A successful call returns an array of roles with the JSON representation of the
    41. 

  41. role.
    42. 

  42. 

  43. [[security-api-get-role-response-codes]]
    44. 

  44. ==== {api-response-codes-title}
    45. 

  45. 

  46. If the role is not defined in the native realm, the request returns 404.
    47. 

  47. 

  48. [[security-api-get-role-example]]
    49. 

  49. ==== {api-examples-title}
    50. 

  50. 

  51. The following example retrieves information about the `my_admin_role` role in
    52. 

  52. the native realm:
    53. 

  53. 

  54. [source,console]
    55. 

  55. --------------------------------------------------
    56. 

  56. GET /_security/role/my_admin_role
    57. 

  57. --------------------------------------------------
    58. 

  58. // TEST[setup:admin_role]
    59. 

  59. 

  60. [source,console-result]
    61. 

  61. --------------------------------------------------
    62. 

  62. {
    63. 

  63.   "my_admin_role": {
    64. 

  64.     "cluster" : [ "all" ],
    65. 

  65.     "indices" : [
    66. 

  66.       {
    67. 

  67.         "names" : [ "index1", "index2" ],
    68. 

  68.         "privileges" : [ "all" ],
    69. 

  69.         "allow_restricted_indices" : false,
    70. 

  70.         "field_security" : {
    71. 

  71.           "grant" : [ "title", "body" ]}
    72. 

  72.       }
    73. 

  73.     ],
    74. 

  74.     "applications" : [ ],
    75. 

  75.     "run_as" : [ "other_user" ],
    76. 

  76.     "metadata" : {
    77. 

  77.       "version" : 1
    78. 

  78.     },
    79. 

  79.     "transient_metadata": {
    80. 

  80.       "enabled": true
    81. 

  81.     }
    82. 

  82.   }
    83. 

  83. }
    84. 

  84. --------------------------------------------------
    85. 

  85. 

  86. To retrieve all roles, omit the role name:
    87. 

  87. 

  88. [source,console]
    89. 

  89. --------------------------------------------------
    90. 

  90. GET /_security/role
    91. 

  91. --------------------------------------------------
    92. 

  92. // TEST[continued]
    93. 

  93.