Create or update role mappings Added in 5.5.0
Role mappings define which roles are assigned to each user. Each mapping has rules that identify users and a list of roles that are granted to those users. The role mapping APIs are generally the preferred way to manage role mappings rather than using role mapping files. The create or update role mappings API cannot update role mappings that are defined in role mapping files.
This API does not create roles. Rather, it maps users to existing roles. Roles can be created by using the create or update roles API or roles files.
Path parameters
-
Role-mapping name
Query parameters
-
refresh string
If
true
(the default) then refresh the affected shards to make this operation visible to search, ifwait_for
then wait for a refresh to make this operation visible to search, iffalse
then do nothing with refreshes.Values are
true
,false
, orwait_for
.
curl \
-X PUT http://api.example.com/_security/role_mapping/{name} \
-H "Content-Type: application/json" \
-d '{"enabled":true,"metadata":{"additionalProperty1":{},"additionalProperty2":{}},"roles":["string"],"role_templates":[{"format":"string","template":{"source":"string","id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"":"painless","options":{"additionalProperty1":"string","additionalProperty2":"string"}}}],"rules":{"any":[{}],"all":[{}],"field":{"username":"string","dn":"string","groups":"string"},"except":{}},"run_as":["string"]}'
{
"enabled": true,
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"roles": [
"string"
],
"role_templates": [
{
"format": "string",
"template": {
"source": "string",
"id": "string",
"params": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"": "painless",
"options": {
"additionalProperty1": "string",
"additionalProperty2": "string"
}
}
}
],
"rules": {
"any": [
{}
],
"all": [
{}
],
"field": {
"username": "string",
"dn": "string",
"groups": "string"
},
"except": {}
},
"run_as": [
"string"
]
}
{
"created": true,
"role_mapping": {
"created": true
}
}