Create a security project

POST /api/v1/serverless/projects/security
Api key

The response will include the created project details, such as the project ID, the credentials to access the project, and the endpoints to access different apps such as Elasticsearch and Kibana. The credentials can be regenerated at any time using the _reset-credentials endpoint.

application/json

Body Required

Configuration of the security project to create.

  • name string Required

    Descriptive name for a project.

    Minimum length is 1, maximum length is 255.

  • alias string

    A custom domain label compatible with RFC-1035 standards. Derived from the project name by default.

    Minimum length is 1, maximum length is 50. Format should match the following pattern: ^[a-zA-Z]{1}(?:[a-zA-Z0-9-]*[a-zA-Z0-9]{1})?$.

  • region_id string Required

    Unique human-readable identifier for a region in Elastic Cloud.

  • admin_features_package string

    admin features package (BYOK, BYOIDP, CCS, CCR)

    Values are standard or enterprise.

  • product_types array[object]

    Defines Security product type object with product line and tier dimensions.

    At least 1 but not more than 3 elements. Default value is [{"product_line"=>"security", "product_tier"=>"complete"}, {"product_line"=>"cloud", "product_tier"=>"complete"}, {"product_line"=>"endpoint", "product_tier"=>"complete"}].

    Hide product_types attributes Show product_types attributes object
    • product_line string Required

      The identifier of the Security Solution product line.

      Values are security, cloud, or endpoint.

    • product_tier string Required

      The identifier of the Security Solution product tier.

      Values are complete or essentials.

  • search_lake object

    Configuration for the entire set of capabilities that make the data searchable in Security.

    Hide search_lake attribute Show search_lake attribute object
    • data_retention object | null

      Configuration to control the data retention in Elasticsearch data streams.

      Hide data_retention attributes Show data_retention attributes object | null
      • max_retention_days integer | null

        Maximum number of days allowed for retaining data in Elasticsearch data streams. Can be set to "null" for unlimited. A default of 396 will be applied if no value is specified on project creation.

        Minimum value is 7, maximum value is 3681.

      • default_retention_days integer | null

        Default number of days during which data remains available in Elasticsearch data streams. Can be set to "null" for unlimited. A default of 396 will be applied if no value is specified on project creation.

        Minimum value is 7, maximum value is 3681.

Responses

  • 201 application/json

    The created security project.

    Hide headers attribute Show headers attribute
    Hide response attributes Show response attributes object

    The created Security project along with credentials to access Elasticsearch.

    • id string Required

      ID of the project.

      Format should match the following pattern: ^[a-z0-9]{32}$.

    • name string Required

      Descriptive name for a project.

      Minimum length is 1, maximum length is 255.

    • alias string Required

      A custom domain label compatible with RFC-1035 standards. Derived from the project name by default.

      Minimum length is 1, maximum length is 50. Format should match the following pattern: ^[a-zA-Z]{1}(?:[a-zA-Z0-9-]*[a-zA-Z0-9]{1})?$.

    • region_id string Required

      Unique human-readable identifier for a region in Elastic Cloud.

    • metadata object Required

      Additional details about the project.

      Hide metadata attributes Show metadata attributes object
    • cloud_id string Required

      The cloud ID, an encoded string that provides other Elastic services with the necessary information to connect to this Elasticsearch and Kibana.

    • type string Required

      the type of the project

      Value is security.

    • endpoints object Required

      The endpoints to access the different apps of the project.

      Hide endpoints attributes Show endpoints attributes object
      • elasticsearch string Required

        The endpoint to access elasticsearch.

      • kibana string Required

        The endpoint to access kibana.

    • search_lake object

      Configuration for the entire set of capabilities that make the data searchable in Security.

      Hide search_lake attribute Show search_lake attribute object
      • data_retention object | null

        Configuration to control the data retention in Elasticsearch data streams.

        Hide data_retention attributes Show data_retention attributes object | null
        • max_retention_days integer | null

          Maximum number of days allowed for retaining data in Elasticsearch data streams. Can be set to "null" for unlimited. A default of 396 will be applied if no value is specified on project creation.

          Minimum value is 7, maximum value is 3681.

        • default_retention_days integer | null

          Default number of days during which data remains available in Elasticsearch data streams. Can be set to "null" for unlimited. A default of 396 will be applied if no value is specified on project creation.

          Minimum value is 7, maximum value is 3681.

    • admin_features_package string

      admin features package (BYOK, BYOIDP, CCS, CCR)

      Values are standard or enterprise.

    • product_types array[object]

      Defines Security product type object with product line and tier dimensions.

      At least 1 but not more than 3 elements. Default value is [{"product_line"=>"security", "product_tier"=>"complete"}, {"product_line"=>"cloud", "product_tier"=>"complete"}, {"product_line"=>"endpoint", "product_tier"=>"complete"}].

      Hide product_types attributes Show product_types attributes object
      • product_line string Required

        The identifier of the Security Solution product line.

        Values are security, cloud, or endpoint.

      • product_tier string Required

        The identifier of the Security Solution product tier.

        Values are complete or essentials.

    • credentials object Required

      Basic auth credentials to access the Elasticsearch API.

      Hide credentials attributes Show credentials attributes object
      • username string Required

        Basic auth username that can be used to access the Elasticsearch API.

      • password string Required

        Basic auth password that can be used to access the Elasticsearch API.
  • 400 application/json

    Bad request

    Hide response attribute Show response attribute object
    • errors array[object] Required

      An error response returned by the API.

      Hide errors attributes Show errors attributes object
      • message string Required

        A human-readable message of the error.

      • code string Required

        An identifier for this type of error.
  • 422 application/json

    Unprocessable entity

    Hide response attribute Show response attribute object
    • errors array[object] Required

      An error response returned by the API.

      Hide errors attributes Show errors attributes object
      • message string Required

        A human-readable message of the error.

      • code string Required

        An identifier for this type of error.
POST /api/v1/serverless/projects/security 
curl \
 --request POST 'https://api.elastic-cloud.com/api/v1/serverless/projects/security' \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json" \
 --data '{"name":"Example project","region_id":"aws-us-east-1"}'
Request example 
{
  "name": "Example project",
  "region_id": "aws-us-east-1"
}
Response examples (201) 
# Headers
ETag: string

# Payload
{
  "id": "string",
  "name": "my project",
  "alias": "my-project-alias",
  "region_id": "aws-us-east-1",
  "metadata": {
    "created_at": "2025-05-04T09:42:00Z",
    "created_by": "1014289666002276",
    "organization_id": "198583657190",
    "suspended_at": "2025-05-04T09:42:00Z",
    "suspended_reason": "trial expired"
  },
  "cloud_id": "my_project:LmF3cy5lbGFzdG",
  "type": "security",
  "endpoints": {
    "elasticsearch": "string",
    "kibana": "string"
  },
  "search_lake": {
    "data_retention": {
      "max_retention_days": 42,
      "default_retention_days": 42
    }
  },
  "admin_features_package": "standard",
  "product_types": [
    {
      "product_line": "security",
      "product_tier": "complete"
    }
  ],
  "credentials": {
    "username": "admin",
    "password": "*****"
  }
}
Response examples (400) 
{
  "errors": [
    {
      "message": "Explicative error message",
      "code": "code.error"
    }
  ]
}
Response examples (422) 
{
  "errors": [
    {
      "message": "Explicative error message",
      "code": "code.error"
    }
  ]
}