Version: 7.x-45.0.0
This is an older version of Search Guard. Switch to Latest version
Enterprise

Action groups API

Used to receive, create, update and delete action groups.

Endpoint

/_searchguard/api/actiongroups/{actiongroup}

Where actiongroup is the name of the role.

GET

Get a single action group

GET /_searchguard/api/actiongroups/{actiongroup}

Returns the settings for the respective action group in JSON format, for example:

GET /_searchguard/api/actiongroups/SEARCH
{
  "allowed_actions" : [ "indices:data/read/search*", "indices:data/read/msearch*", "SUGGEST" ]
}

Get all action groups

GET /_searchguard/api/actiongroups/

Returns all action groups in JSON format.

DELETE

DELETE /_searchguard/api/actiongroups/{actiongroup}

Deletes the action group specified by actiongroup . If successful, the call returns with status code 200 and a JSON success message.

DELETE /_searchguard/api/actiongroups/SEARCH
{
  "status":"OK",
  "message":"actiongroup SEARCH deleted."
}

PUT

PUT /_searchguard/api/actiongroups/{actiongroup}

Replaces or creates the action group specified by actiongroup .

PUT /_searchguard/api/actiongroups/SEARCH
{
  "allowed_actions": ["indices:data/read/search*", "indices:data/read/msearch*", "SUGGEST" ]
}

The field allowed_actions is mandatory and contains permissions or references to other action groups.

{
  "status":"CREATED",
  "message":"action group SEARCH created"
}

PATCH

The PATCH endpoint can be used to change individual attributes of an action group, or to create, change and delete action groups in a bulk call. The PATCH endpoint expects a payload in JSON Patch format. Search Guard supports the complete JSON patch specification.

JSON patch specification: http://jsonpatch.com/

Patch an action group

PATCH /_searchguard/api/actiongroups/{actiongroup}

Adds, deletes or changes one or more attributes of a user specified by actiongroup .

PATCH /_searchguard/api/actiongroups/CREATE_INDEX
[ 
  { 
    "op": "replace", "path": "/allowed_actions", "value": ["indices:admin/create", "indices:admin/mapping/put"] 
  }
]

Bulk add, delete and change action groups

PATCH /_searchguard/api/actiongroups
[ 
  { 
    "op": "add", "path": "/CREATE_INDEX/allowed_actions", "value": ["indices:admin/create", "indices:admin/mapping/put"] 
  },
  { 
    "op": "remove", "path": "/CRUD"
  }
]


Not what you were looking for? Try the search.