Body

• roles object Required
  Hide roles attribute Show roles attribute object

  • * object Additional properties

    Additional properties are NOT allowed.

    Hide * attributes Show * attributes object

    • description string

      A description for the role.

      Maximum length is 2048.

    • elasticsearch object Required

      Additional properties are NOT allowed.

      Hide elasticsearch attributes Show elasticsearch attributes object

      • cluster array[string]

        Cluster privileges that define the cluster level actions that users can perform.

      • indices array[object]
        Hide indices attributes Show indices attributes object

        • allow_restricted_indices boolean

          Restricted indices are a special category of indices that are used internally to store configuration data and should not be directly accessed. Only internal system roles should normally grant privileges over the restricted indices. Toggling this flag is very strongly discouraged because it could effectively grant unrestricted operations on critical data, making the entire system unstable or leaking sensitive information. If for administrative purposes you need to create a role with privileges covering restricted indices, however, you can set this property to true. In that case, the names field covers the restricted indices too.

        • field_security object
          Hide field_security attribute Show field_security attribute object

          • * array[string] Additional properties

            The document fields that the role members have read access to.

        • names array[string] Required

          The data streams, indices, and aliases to which the permissions in this entry apply. It supports wildcards (*).

          At least 1 element.

        • privileges array[string] Required

          The index level privileges that the role members have for the data streams and indices.

          At least 1 element.

        • query string

          A search query that defines the documents the role members have read access to. A document within the specified data streams and indices must match this query in order for it to be accessible by the role members.

      • remote_cluster array[object]
        Hide remote_cluster attributes Show remote_cluster attributes object

        • clusters array[string] Required

          A list of remote cluster aliases. It supports literal strings as well as wildcards and regular expressions.

          At least 1 element.

        • privileges array[string] Required

          The cluster level privileges for the remote cluster. The allowed values are a subset of the cluster privileges.

          At least 1 element.

      • remote_indices array[object]
        Hide remote_indices attributes Show remote_indices attributes object

        • allow_restricted_indices boolean

          Restricted indices are a special category of indices that are used internally to store configuration data and should not be directly accessed. Only internal system roles should normally grant privileges over the restricted indices. Toggling this flag is very strongly discouraged because it could effectively grant unrestricted operations on critical data, making the entire system unstable or leaking sensitive information. If for administrative purposes you need to create a role with privileges covering restricted indices, however, you can set this property to true. In that case, the names field will cover the restricted indices too.

        • clusters array[string] Required

          A list of remote cluster aliases. It supports literal strings as well as wildcards and regular expressions.

          At least 1 element.

        • field_security object
          Hide field_security attribute Show field_security attribute object

          • * array[string] Additional properties

            The document fields that the role members have read access to.

        • names array[string] Required

          A list of remote aliases, data streams, or indices to which the permissions apply. It supports wildcards (*).

          At least 1 element.

        • privileges array[string] Required

          The index level privileges that role members have for the specified indices.

          At least 1 element.

        • query string

          A search query that defines the documents the role members have read access to. A document within the specified data streams and indices must match this query in order for it to be accessible by the role members.

      • run_as array[string]

        A user name that the role member can impersonate.

    • kibana array[object]
      Hide kibana attributes Show kibana attributes object

      • base array | null | boolean | number | object | string Required

        Any of:

        array-1 array | null boolean-2 boolean | null number-3 number | null object-4 object | null string-5 string | null

        Additional properties are allowed.
      • feature object
        Hide feature attribute Show feature attribute object

        • * array[string] Additional properties

          The privileges that the role member has for the feature.

      • spaces array[string]

        Any of:

        array-1 array[string] array-2 array[string]

        At least 1 but not more than 1 element. Value is *. Default value is ["*"].

        A space that the privilege applies to.

        Default value is ["*"].

    • metadata object

      Additional properties are allowed.