Bulk delete roles API
editBulk delete roles API
editThis functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
Bulk deletes roles in the native realm.
Request
editDELETE /_security/role/
Prerequisites
edit-
To use this API, you must have at least the
manage_security
cluster privilege.
Description
editThe role management APIs are generally the preferred way to manage roles, rather than using file-based role management. The bulk delete roles API cannot delete roles that are defined in roles files.
Path parameters
edit-
refresh
- Optional setting of the refresh policy for the write request. Defaults to Immediate.
Request body
editThe following parameters can be specified in the body of a DELETE request and pertain to deleting a set of roles:
-
names
- (list) A list of role names to delete.
Examples
editThe following example deletes a my_admin_role
and my_user_role
roles:
resp = client.security.bulk_delete_role( names=[ "my_admin_role", "my_user_role" ], ) print(resp)
const response = await client.security.bulkDeleteRole({ names: ["my_admin_role", "my_user_role"], }); console.log(response);
DELETE /_security/role { "names": ["my_admin_role", "my_user_role"] }
If the roles are successfully deleted, the request returns:
{ "deleted": [ "my_admin_role", "my_user_role" ] }
If a role cannot be found, the not found roles are grouped under not_found
:
resp = client.security.bulk_delete_role( names=[ "my_admin_role", "not_an_existing_role" ], ) print(resp)
const response = await client.security.bulkDeleteRole({ names: ["my_admin_role", "not_an_existing_role"], }); console.log(response);
DELETE /_security/role { "names": ["my_admin_role", "not_an_existing_role"] }
{ "deleted": [ "my_admin_role" ], "not_found": [ "not_an_existing_role" ] }
If a request fails or is invalid, the errors are grouped under errors
:
resp = client.security.bulk_delete_role( names=[ "my_admin_role", "superuser" ], ) print(resp)
const response = await client.security.bulkDeleteRole({ names: ["my_admin_role", "superuser"], }); console.log(response);
DELETE /_security/role { "names": ["my_admin_role", "superuser"] }
{ "deleted": [ "my_admin_role" ], "errors": { "count": 1, "details": { "superuser": { "type": "illegal_argument_exception", "reason": "role [superuser] is reserved and cannot be deleted" } } } }