Action groups API
Used to receive, create, update and delete action groups.
Endpoint
/_searchguard/api/actiongroups/{actiongroup}
Where actiongroup
is the name of the role.
GET
Get a single action group
GET /_searchguard/api/actiongroups/{actiongroup}
Returns the settings for the respective action group in JSON format, for example:
GET /_searchguard/api/actiongroups/SEARCH
{
"allowed_actions" : [ "indices:data/read/search*", "indices:data/read/msearch*", "SUGGEST" ]
}
Get all action groups
GET /_searchguard/api/actiongroups/
Returns all action groups in JSON format.
DELETE
DELETE /_searchguard/api/actiongroups/{actiongroup}
Deletes the action group specified by actiongroup
. If successful, the call returns with status code 200 and a JSON success message.
DELETE /_searchguard/api/actiongroups/SEARCH
{
"status":"OK",
"message":"actiongroup SEARCH deleted."
}
PUT
PUT /_searchguard/api/actiongroups/{actiongroup}
Replaces or creates the action group specified by actiongroup
.
PUT /_searchguard/api/actiongroups/SEARCH
{
"allowed_actions": ["indices:data/read/search*", "indices:data/read/msearch*", "SUGGEST" ]
}
The field allowed_actions
is mandatory and contains permissions or references to other action groups.
{
"status":"CREATED",
"message":"action group SEARCH created"
}
PATCH
The PATCH endpoint can be used to change individual attributes of an action group, or to create, change and delete action groups in a bulk call. The PATCH endpoint expects a payload in JSON Patch format. Search Guard supports the complete JSON patch specification.
JSON patch specification: http://jsonpatch.com/
Example: Patch an action group
PATCH /_searchguard/api/actiongroups/{actiongroup}
Adds, deletes or changes one or more attributes of a user specified by actiongroup
.
PATCH /_searchguard/api/actiongroups/{actiongroup}
[
{
"op": "replace", "path": "/allowed_actions", "value": ["indices:admin/create", "indices:admin/mapping/put"]
}
]
Example: Bulk add, delete and change action groups
PATCH /_searchguard/api/actiongroups
[
{
"op": "add", "path": "/{actiongroup}/allowed_actions", "value": ["indices:admin/create", "indices:admin/mapping/put"]
},
{
"op": "remove", "path": "/CRUD"
}
]
Example: Modify an existing object or array
To append or remove items in an existing array according to the JSON patch format, you need to address the index or property name.
PATCH /_searchguard/api/actiongroups/{actiongroup}
[
{
"op": "add", "path": "/allowed_actions/0", "value": "indices:admin/validate/query"
},
{
"op": "add", "path": "/allowed_actions/-", "value": "indices:admin/shards/search_shards"
}
]
The operation inserts value into an array.
In the case of an array, the value is inserted before the given index. The -
character can be used instead of an index to insert at the end of an array.
PATCH /_searchguard/api/actiongroups/{actiongroup}
[
{
"op": "remove", "path": "/allowed_actions/0", "value": "indices:admin/validate/query"
}
]
The operation removes the element 0
of the array (or just removes the "0"
key if allowed_actions
is an object)
For more examples, please refer to JSON patch format documentation.