Get service accounts | Elasticsearch API documentation (original) (raw)

Dismiss highlight Show more

Path parameters

• The name of the namespace. Omit this parameter to retrieve information about all service accounts. If you omit this parameter, you must also omit the service parameter.
• The service name. Omit this parameter to retrieve information about all service accounts that belong to the specified namespace.

Responses

• 200 application/json
  Hide response attribute Show response attribute object
  • *
    object Additional properties
    Hide * attribute Show * attribute object
    * Hide role_descriptor attributes Show role_descriptor attributes object
    * A list of cluster privileges. These privileges define the cluster level actions that API keys are able to execute.
    * A list of indices permissions entries.
    Hide indices attributes Show indices attributes object
    * Hide field_security attributes Show field_security attributes object
    * grant
    string | array[string]
    * #### names string | array[string]
    A list of indices (or index name patterns) to which the permissions in this entry apply.
    * The index level privileges that owners of the role have on the specified indices.
    * #### query string | object
    While creating or updating a role you can provide either a JSON structure or a string to the API. However, the response provided by Elasticsearch will only be string with a json-as-text content.
    Since this is embedded in IndicesPrivileges, the same structure is used for clarity in both contexts.
    An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
    * Set to true if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the names list, Elasticsearch checks privileges against these indices regardless of the value set for allow_restricted_indices.
    * A list of indices permissions for remote clusters.
    Hide remote_indices attributes Show remote_indices attributes object
    * clusters
    string | array[string] Required
    * Hide field_security attributes Show field_security attributes object
    * grant
    string | array[string]
    * #### names string | array[string]
    A list of indices (or index name patterns) to which the permissions in this entry apply.
    * The index level privileges that owners of the role have on the specified indices.
    * #### query string | object
    While creating or updating a role you can provide either a JSON structure or a string to the API. However, the response provided by Elasticsearch will only be string with a json-as-text content.
    Since this is embedded in IndicesPrivileges, the same structure is used for clarity in both contexts.
    An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
    * Set to true if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the names list, Elasticsearch checks privileges against these indices regardless of the value set for allow_restricted_indices.
    * A list of cluster permissions for remote clusters. NOTE: This is limited a subset of the cluster permissions.
    Hide remote_cluster attributes Show remote_cluster attributes object
    * clusters
    string | array[string] Required
    * The cluster level privileges that owners of the role have on the remote cluster.
    Values are monitor_enrich or monitor_stats.
    * #### global array[object] | object
    An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.
    Hide attribute Show attribute object
    * A list of application privilege entries
    Hide applications attributes Show applications attributes object
    * The name of the application to which this entry applies.
    * A list of strings, where each element is the name of an application privilege or action.
    * A list resources to which the privileges are applied.
    * Hide metadata attribute Show metadata attribute object
    * *
    object Additional properties
    * A list of users that the API keys can impersonate.
    * An optional description of the role descriptor.
    * Hide restriction attribute Show restriction attribute object
    * A list of workflows to which the API key is restricted. NOTE: In order to use a role restriction, an API key must be created with a single role descriptor.
    * Hide transient_metadata attribute Show transient_metadata attribute object
    * *
    object Additional properties