Module: Elasticsearch::API::Security::Actions

Included in:

SecurityClient

Defined in:

lib/elasticsearch/api/namespace/security.rb,
lib/elasticsearch/api/actions/security/get_role.rb,
lib/elasticsearch/api/actions/security/get_user.rb,
lib/elasticsearch/api/actions/security/put_role.rb,
lib/elasticsearch/api/actions/security/put_user.rb,
lib/elasticsearch/api/actions/security/get_token.rb,
lib/elasticsearch/api/actions/security/query_user.rb,
lib/elasticsearch/api/actions/security/delete_role.rb,
lib/elasticsearch/api/actions/security/delete_user.rb,
lib/elasticsearch/api/actions/security/enable_user.rb,
lib/elasticsearch/api/actions/security/enroll_node.rb,
lib/elasticsearch/api/actions/security/get_api_key.rb,
lib/elasticsearch/api/actions/security/oidc_logout.rb,
lib/elasticsearch/api/actions/security/saml_logout.rb,
lib/elasticsearch/api/actions/security/authenticate.rb,
lib/elasticsearch/api/actions/security/disable_user.rb,
lib/elasticsearch/api/actions/security/get_settings.rb,
lib/elasticsearch/api/actions/security/enroll_kibana.rb,
lib/elasticsearch/api/actions/security/grant_api_key.rb,
lib/elasticsearch/api/actions/security/create_api_key.rb,
lib/elasticsearch/api/actions/security/get_privileges.rb,
lib/elasticsearch/api/actions/security/has_privileges.rb,
lib/elasticsearch/api/actions/security/put_privileges.rb,
lib/elasticsearch/api/actions/security/query_api_keys.rb,
lib/elasticsearch/api/actions/security/update_api_key.rb,
lib/elasticsearch/api/actions/security/change_password.rb,
lib/elasticsearch/api/actions/security/saml_invalidate.rb,
lib/elasticsearch/api/actions/security/update_settings.rb,
lib/elasticsearch/api/actions/security/get_role_mapping.rb,
lib/elasticsearch/api/actions/security/get_user_profile.rb,
lib/elasticsearch/api/actions/security/invalidate_token.rb,
lib/elasticsearch/api/actions/security/put_role_mapping.rb,
lib/elasticsearch/api/actions/security/delete_privileges.rb,
lib/elasticsearch/api/actions/security/oidc_authenticate.rb,
lib/elasticsearch/api/actions/security/saml_authenticate.rb,
lib/elasticsearch/api/actions/security/clear_cached_roles.rb,
lib/elasticsearch/api/actions/security/invalidate_api_key.rb,
lib/elasticsearch/api/actions/security/clear_api_key_cache.rb,
lib/elasticsearch/api/actions/security/clear_cached_realms.rb,
lib/elasticsearch/api/actions/security/delete_role_mapping.rb,
lib/elasticsearch/api/actions/security/enable_user_profile.rb,
lib/elasticsearch/api/actions/security/get_user_privileges.rb,
lib/elasticsearch/api/actions/security/bulk_update_api_keys.rb,
lib/elasticsearch/api/actions/security/create_service_token.rb,
lib/elasticsearch/api/actions/security/delete_service_token.rb,
lib/elasticsearch/api/actions/security/disable_user_profile.rb,
lib/elasticsearch/api/actions/security/get_service_accounts.rb,
lib/elasticsearch/api/actions/security/saml_complete_logout.rb,
lib/elasticsearch/api/actions/security/activate_user_profile.rb,
lib/elasticsearch/api/actions/security/suggest_user_profiles.rb,
lib/elasticsearch/api/actions/security/get_builtin_privileges.rb,
lib/elasticsearch/api/actions/security/clear_cached_privileges.rb,
lib/elasticsearch/api/actions/security/get_service_credentials.rb,
lib/elasticsearch/api/actions/security/update_user_profile_data.rb,
lib/elasticsearch/api/actions/security/clear_cached_service_tokens.rb,
lib/elasticsearch/api/actions/security/has_privileges_user_profile.rb,
lib/elasticsearch/api/actions/security/oidc_prepare_authentication.rb,
lib/elasticsearch/api/actions/security/saml_prepare_authentication.rb,
lib/elasticsearch/api/actions/security/create_cross_cluster_api_key.rb,
lib/elasticsearch/api/actions/security/update_cross_cluster_api_key.rb,
lib/elasticsearch/api/actions/security/saml_service_provider_metadata.rb

Instance Method Summary

• #activate_user_profile(arguments = {}) ⇒ Object

  Creates or updates the user profile on behalf of another user.

• #authenticate(arguments = {}) ⇒ Object

  Enables authentication as a user and retrieve information about the authenticated user.

• #bulk_update_api_keys(arguments = {}) ⇒ Object

  Updates the attributes of multiple existing API keys.

• #change_password(arguments = {}) ⇒ Object

  Changes the passwords of users in the native realm and built-in users.

• #clear_api_key_cache(arguments = {}) ⇒ Object

  Clear a subset or all entries from the API key cache.

• #clear_cached_privileges(arguments = {}) ⇒ Object

  Evicts application privileges from the native application privileges cache.

• #clear_cached_realms(arguments = {}) ⇒ Object

  Evicts users from the user cache.

• #clear_cached_roles(arguments = {}) ⇒ Object

  Evicts roles from the native role cache.

• #clear_cached_service_tokens(arguments = {}) ⇒ Object

  Evicts tokens from the service account token caches.

• #create_api_key(arguments = {}) ⇒ Object

  Creates an API key for access without requiring basic authentication.

• #create_cross_cluster_api_key(arguments = {}) ⇒ Object

  Creates a cross-cluster API key for API key based remote cluster access.

• #create_service_token(arguments = {}) ⇒ Object

  Creates a service account token for access without requiring basic authentication.

• #delete_privileges(arguments = {}) ⇒ Object

  Removes application privileges.

• #delete_role(arguments = {}) ⇒ Object

  Removes roles in the native realm.

• #delete_role_mapping(arguments = {}) ⇒ Object

  Removes role mappings.

• #delete_service_token(arguments = {}) ⇒ Object

  Deletes a service account token.

• #delete_user(arguments = {}) ⇒ Object

  Deletes users from the native realm.

• #disable_user(arguments = {}) ⇒ Object

  Disables users in the native realm.

• #disable_user_profile(arguments = {}) ⇒ Object

  Disables a user profile so it’s not visible in user profile searches.

• #enable_user(arguments = {}) ⇒ Object

  Enables users in the native realm.

• #enable_user_profile(arguments = {}) ⇒ Object

  Enables a user profile so it’s visible in user profile searches.

• #enroll_kibana(arguments = {}) ⇒ Object

  Allows a kibana instance to configure itself to communicate with a secured elasticsearch cluster.

• #enroll_node(arguments = {}) ⇒ Object

  Allows a new node to enroll to an existing cluster with security enabled.

• #get_api_key(arguments = {}) ⇒ Object

  Retrieves information for one or more API keys.

• #get_builtin_privileges(arguments = {}) ⇒ Object

  Retrieves the list of cluster privileges and index privileges that are available in this version of Elasticsearch.

• #get_privileges(arguments = {}) ⇒ Object

  Retrieves application privileges.

• #get_role(arguments = {}) ⇒ Object

  Retrieves roles in the native realm.

• #get_role_mapping(arguments = {}) ⇒ Object

  Retrieves role mappings.

• #get_service_accounts(arguments = {}) ⇒ Object

  Retrieves information about service accounts.

• #get_service_credentials(arguments = {}) ⇒ Object

  Retrieves information of all service credentials for a service account.

• #get_settings(arguments = {}) ⇒ Object

  Retrieve settings for the security system indices.

• #get_token(arguments = {}) ⇒ Object

  Creates a bearer token for access without requiring basic authentication.

• #get_user(arguments = {}) ⇒ Object

  Retrieves information about users in the native realm and built-in users.

• #get_user_privileges(arguments = {}) ⇒ Object

  Retrieves security privileges for the logged in user.

• #get_user_profile(arguments = {}) ⇒ Object

  Retrieves user profiles for the given unique ID(s).

• #grant_api_key(arguments = {}) ⇒ Object

  Creates an API key on behalf of another user.

• #has_privileges(arguments = {}) ⇒ Object

  Determines whether the specified user has a specified list of privileges.

• #has_privileges_user_profile(arguments = {}) ⇒ Object

  Determines whether the users associated with the specified profile IDs have all the requested privileges.

• #invalidate_api_key(arguments = {}) ⇒ Object

  Invalidates one or more API keys.

• #invalidate_token(arguments = {}) ⇒ Object

  Invalidates one or more access tokens or refresh tokens.

• #oidc_authenticate(arguments = {}) ⇒ Object

  Exchanges an OpenID Connection authentication response message for an Elasticsearch access token and refresh token pair.

• #oidc_logout(arguments = {}) ⇒ Object

  Invalidates a refresh token and access token that was generated from the OpenID Connect Authenticate API.

• #oidc_prepare_authentication(arguments = {}) ⇒ Object

  Creates an OAuth 2.0 authentication request as a URL string.

• #put_privileges(arguments = {}) ⇒ Object

  Adds or updates application privileges.

• #put_role(arguments = {}) ⇒ Object

  Adds and updates roles in the native realm.

• #put_role_mapping(arguments = {}) ⇒ Object

  Creates and updates role mappings.

• #put_user(arguments = {}) ⇒ Object

  Adds and updates users in the native realm.

• #query_api_keys(arguments = {}) ⇒ Object

  Retrieves information for API keys using a subset of query DSL.

• #query_user(arguments = {}) ⇒ Object

  Retrieves information for Users using a subset of query DSL.

• #saml_authenticate(arguments = {}) ⇒ Object

  Exchanges a SAML Response message for an Elasticsearch access token and refresh token pair.

• #saml_complete_logout(arguments = {}) ⇒ Object

  Verifies the logout response sent from the SAML IdP.

• #saml_invalidate(arguments = {}) ⇒ Object

  Consumes a SAML LogoutRequest.

• #saml_logout(arguments = {}) ⇒ Object

  Invalidates an access token and a refresh token that were generated via the SAML Authenticate API.

• #saml_prepare_authentication(arguments = {}) ⇒ Object

  Creates a SAML authentication request.

• #saml_service_provider_metadata(arguments = {}) ⇒ Object

  Generates SAML metadata for the Elastic stack SAML 2.0 Service Provider.

• #suggest_user_profiles(arguments = {}) ⇒ Object

  Get suggestions for user profiles that match specified search criteria.

• #update_api_key(arguments = {}) ⇒ Object

  Updates attributes of an existing API key.

• #update_cross_cluster_api_key(arguments = {}) ⇒ Object

  Updates attributes of an existing cross-cluster API key.

• #update_settings(arguments = {}) ⇒ Object

  Update settings for the security system index.

• #update_user_profile_data(arguments = {}) ⇒ Object

  Update application specific data for the user profile of the given unique ID.

Instance Method Details

#activate_user_profile(arguments = {}) ⇒ Object

Creates or updates the user profile on behalf of another user.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The grant type and user’s credential (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-activate-user-profile.html

# File 'lib/elasticsearch/api/actions/security/activate_user_profile.rb', line 32

def activate_user_profile(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.activate_user_profile' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/profile/_activate'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#authenticate(arguments = {}) ⇒ Object

Enables authentication as a user and retrieve information about the authenticated user.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-authenticate.html

# File 'lib/elasticsearch/api/actions/security/authenticate.rb', line 31

def authenticate(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.authenticate' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/_authenticate'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#bulk_update_api_keys(arguments = {}) ⇒ Object

Updates the attributes of multiple existing API keys.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The API key request to update the attributes of multiple API keys. (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-bulk-update-api-keys.html

# File 'lib/elasticsearch/api/actions/security/bulk_update_api_keys.rb', line 32

def bulk_update_api_keys(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.bulk_update_api_keys' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/api_key/_bulk_update'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#change_password(arguments = {}) ⇒ Object

Changes the passwords of users in the native realm and built-in users.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :username (String) —

  The username of the user to change the password for

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  the new password for the user (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-change-password.html

# File 'lib/elasticsearch/api/actions/security/change_password.rb', line 34

def change_password(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.change_password' }

  defined_params = [:username].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = if _username
             "_security/user/#{Utils.__listify(_username)}/_password"
           else
             '_security/user/_password'
           end
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#clear_api_key_cache(arguments = {}) ⇒ Object

Clear a subset or all entries from the API key cache.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :ids (List) —

  A comma-separated list of IDs of API keys to clear from the cache

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-clear-api-key-cache.html

# File 'lib/elasticsearch/api/actions/security/clear_api_key_cache.rb', line 32

def clear_api_key_cache(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.clear_api_key_cache' }

  defined_params = [:ids].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'ids' missing" unless arguments[:ids]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _ids = arguments.delete(:ids)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/api_key/#{Utils.__listify(_ids)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#clear_cached_privileges(arguments = {}) ⇒ Object

Evicts application privileges from the native application privileges cache.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :application (List) —

  A comma-separated list of application names

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-clear-privilege-cache.html

# File 'lib/elasticsearch/api/actions/security/clear_cached_privileges.rb', line 32

def clear_cached_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.clear_cached_privileges' }

  defined_params = [:application].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'application' missing" unless arguments[:application]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _application = arguments.delete(:application)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/privilege/#{Utils.__listify(_application)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#clear_cached_realms(arguments = {}) ⇒ Object

Evicts users from the user cache. Can completely clear the cache or evict specific users.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :realms (List) —

  Comma-separated list of realms to clear

• :usernames (List) —

  Comma-separated list of usernames to clear from the cache

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-clear-cache.html

# File 'lib/elasticsearch/api/actions/security/clear_cached_realms.rb', line 33

def clear_cached_realms(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.clear_cached_realms' }

  defined_params = [:realms].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'realms' missing" unless arguments[:realms]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _realms = arguments.delete(:realms)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/realm/#{Utils.__listify(_realms)}/_clear_cache"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#clear_cached_roles(arguments = {}) ⇒ Object

Evicts roles from the native role cache.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (List) —

  Role name

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-clear-role-cache.html

# File 'lib/elasticsearch/api/actions/security/clear_cached_roles.rb', line 32

def clear_cached_roles(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.clear_cached_roles' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/role/#{Utils.__listify(_name)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#clear_cached_service_tokens(arguments = {}) ⇒ Object

Evicts tokens from the service account token caches.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :namespace (String) —

  An identifier for the namespace

• :service (String) —

  An identifier for the service name

• :name (List) —

  A comma-separated list of service token names

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-clear-service-token-caches.html

# File 'lib/elasticsearch/api/actions/security/clear_cached_service_tokens.rb', line 34

def clear_cached_service_tokens(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.clear_cached_service_tokens' }

  defined_params = %i[namespace service name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_POST
  path   = "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token/#{Utils.__listify(_name)}/_clear_cache"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#create_api_key(arguments = {}) ⇒ Object

Creates an API key for access without requiring basic authentication.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The api key request to create an API key (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-create-api-key.html

# File 'lib/elasticsearch/api/actions/security/create_api_key.rb', line 33

def create_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.create_api_key' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_PUT
  path   = '_security/api_key'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#create_cross_cluster_api_key(arguments = {}) ⇒ Object

Creates a cross-cluster API key for API key based remote cluster access. This functionality is in Beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The request to create a cross-cluster API key (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-create-cross-cluster-api-key.html

# File 'lib/elasticsearch/api/actions/security/create_cross_cluster_api_key.rb', line 36

def create_cross_cluster_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.create_cross_cluster_api_key' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/cross_cluster/api_key'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#create_service_token(arguments = {}) ⇒ Object

Creates a service account token for access without requiring basic authentication.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :namespace (String) —

  An identifier for the namespace

• :service (String) —

  An identifier for the service name

• :name (String) —

  An identifier for the token name

• :refresh (String) —

  If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-create-service-token.html

# File 'lib/elasticsearch/api/actions/security/create_service_token.rb', line 35

def create_service_token(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.create_service_token' }

  defined_params = %i[namespace service name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  _name = arguments.delete(:name)

  method = _name ? Elasticsearch::API::HTTP_PUT : Elasticsearch::API::HTTP_POST
  path   = if _namespace && _service && _name
             "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token/#{Utils.__listify(_name)}"
           else
             "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token"
           end
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#delete_privileges(arguments = {}) ⇒ Object

Removes application privileges.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :application (String) —

  Application name

• :name (String) —

  Privilege name

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-delete-privilege.html

# File 'lib/elasticsearch/api/actions/security/delete_privileges.rb', line 34

def delete_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.delete_privileges' }

  defined_params = %i[application name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'application' missing" unless arguments[:application]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _application = arguments.delete(:application)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/privilege/#{Utils.__listify(_application)}/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#delete_role(arguments = {}) ⇒ Object

Removes roles in the native realm.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (String) —

  Role name

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-delete-role.html

# File 'lib/elasticsearch/api/actions/security/delete_role.rb', line 33

def delete_role(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.delete_role' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/role/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#delete_role_mapping(arguments = {}) ⇒ Object

Removes role mappings.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (String) —

  Role-mapping name

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-delete-role-mapping.html

# File 'lib/elasticsearch/api/actions/security/delete_role_mapping.rb', line 33

def delete_role_mapping(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.delete_role_mapping' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/role_mapping/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#delete_service_token(arguments = {}) ⇒ Object

Deletes a service account token.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :namespace (String) —

  An identifier for the namespace

• :service (String) —

  An identifier for the service name

• :name (String) —

  An identifier for the token name

• :refresh (String) —

  If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-delete-service-token.html

# File 'lib/elasticsearch/api/actions/security/delete_service_token.rb', line 35

def delete_service_token(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.delete_service_token' }

  defined_params = %i[namespace service name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential/token/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#delete_user(arguments = {}) ⇒ Object

Deletes users from the native realm.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :username (String) —

  username

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-delete-user.html

# File 'lib/elasticsearch/api/actions/security/delete_user.rb', line 33

def delete_user(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.delete_user' }

  defined_params = [:username].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_DELETE
  path   = "_security/user/#{Utils.__listify(_username)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#disable_user(arguments = {}) ⇒ Object

Disables users in the native realm.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :username (String) —

  The username of the user to disable

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-disable-user.html

# File 'lib/elasticsearch/api/actions/security/disable_user.rb', line 33

def disable_user(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.disable_user' }

  defined_params = [:username].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/user/#{Utils.__listify(_username)}/_disable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#disable_user_profile(arguments = {}) ⇒ Object

Disables a user profile so it’s not visible in user profile searches.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :uid (String) —

  Unique identifier for the user profile

• :refresh (String) —

  If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-disable-user-profile.html

# File 'lib/elasticsearch/api/actions/security/disable_user_profile.rb', line 33

def disable_user_profile(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.disable_user_profile' }

  defined_params = [:uid].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/profile/#{Utils.__listify(_uid)}/_disable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#enable_user(arguments = {}) ⇒ Object

Enables users in the native realm.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :username (String) —

  The username of the user to enable

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-enable-user.html

# File 'lib/elasticsearch/api/actions/security/enable_user.rb', line 33

def enable_user(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.enable_user' }

  defined_params = [:username].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/user/#{Utils.__listify(_username)}/_enable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#enable_user_profile(arguments = {}) ⇒ Object

Enables a user profile so it’s visible in user profile searches.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :uid (String) —

  An unique identifier of the user profile

• :refresh (String) —

  If ‘true` then refresh the affected shards to make this operation visible to search, if `wait_for` (the default) then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-enable-user-profile.html

# File 'lib/elasticsearch/api/actions/security/enable_user_profile.rb', line 33

def enable_user_profile(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.enable_user_profile' }

  defined_params = [:uid].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/profile/#{Utils.__listify(_uid)}/_enable"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#enroll_kibana(arguments = {}) ⇒ Object

Allows a kibana instance to configure itself to communicate with a secured elasticsearch cluster.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-kibana-enrollment.html

# File 'lib/elasticsearch/api/actions/security/enroll_kibana.rb', line 31

def enroll_kibana(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.enroll_kibana' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/enroll/kibana'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#enroll_node(arguments = {}) ⇒ Object

Allows a new node to enroll to an existing cluster with security enabled.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-node-enrollment.html

# File 'lib/elasticsearch/api/actions/security/enroll_node.rb', line 31

def enroll_node(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.enroll_node' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/enroll/node'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_api_key(arguments = {}) ⇒ Object

Retrieves information for one or more API keys.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :id (String) —

  API key id of the API key to be retrieved

• :name (String) —

  API key name of the API key to be retrieved

• :username (String) —

  user name of the user who created this API key to be retrieved

• :realm_name (String) —

  realm name of the user who created this API key to be retrieved

• :owner (Boolean) —

  flag to query API keys owned by the currently authenticated user

• :with_limited_by (Boolean) —

  flag to show the limited-by role descriptors of API Keys

• :active_only (Boolean) —

  flag to limit response to only active (not invalidated or expired) API keys

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-api-key.html

# File 'lib/elasticsearch/api/actions/security/get_api_key.rb', line 38

def get_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_api_key' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/api_key'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_builtin_privileges(arguments = {}) ⇒ Object

Retrieves the list of cluster privileges and index privileges that are available in this version of Elasticsearch.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-builtin-privileges.html

# File 'lib/elasticsearch/api/actions/security/get_builtin_privileges.rb', line 31

def get_builtin_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_builtin_privileges' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/privilege/_builtin'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_privileges(arguments = {}) ⇒ Object

Retrieves application privileges.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :application (String) —

  Application name

• :name (String) —

  Privilege name

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-privileges.html

# File 'lib/elasticsearch/api/actions/security/get_privileges.rb', line 33

def get_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_privileges' }

  defined_params = %i[application name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _application = arguments.delete(:application)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_GET
  path   = if _application && _name
             "_security/privilege/#{Utils.__listify(_application)}/#{Utils.__listify(_name)}"
           elsif _application
             "_security/privilege/#{Utils.__listify(_application)}"
           else
             '_security/privilege'
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_role(arguments = {}) ⇒ Object

Retrieves roles in the native realm.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (List) —

  A comma-separated list of role names

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-role.html

# File 'lib/elasticsearch/api/actions/security/get_role.rb', line 32

def get_role(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_role' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_GET
  path   = if _name
             "_security/role/#{Utils.__listify(_name)}"
           else
             '_security/role'
           end
  params = Utils.process_params(arguments)

  if Array(arguments[:ignore]).include?(404)
    Utils.__rescue_from_not_found do
      Elasticsearch::API::Response.new(
        perform_request(method, path, params, body, headers, request_opts)
      )
    end
  else
    Elasticsearch::API::Response.new(
      perform_request(method, path, params, body, headers, request_opts)
    )
  end
end

#get_role_mapping(arguments = {}) ⇒ Object

Retrieves role mappings.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (List) —

  A comma-separated list of role-mapping names

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-role-mapping.html

# File 'lib/elasticsearch/api/actions/security/get_role_mapping.rb', line 32

def get_role_mapping(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_role_mapping' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_GET
  path   = if _name
             "_security/role_mapping/#{Utils.__listify(_name)}"
           else
             '_security/role_mapping'
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_service_accounts(arguments = {}) ⇒ Object

Retrieves information about service accounts.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :namespace (String) —

  An identifier for the namespace

• :service (String) —

  An identifier for the service name

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-service-accounts.html

# File 'lib/elasticsearch/api/actions/security/get_service_accounts.rb', line 33

def get_service_accounts(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_service_accounts' }

  defined_params = %i[namespace service].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  method = Elasticsearch::API::HTTP_GET
  path   = if _namespace && _service
             "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}"
           elsif _namespace
             "_security/service/#{Utils.__listify(_namespace)}"
           else
             '_security/service'
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_service_credentials(arguments = {}) ⇒ Object

Retrieves information of all service credentials for a service account.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :namespace (String) —

  An identifier for the namespace

• :service (String) —

  An identifier for the service name

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-service-credentials.html

# File 'lib/elasticsearch/api/actions/security/get_service_credentials.rb', line 33

def get_service_credentials(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_service_credentials' }

  defined_params = %i[namespace service].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'namespace' missing" unless arguments[:namespace]
  raise ArgumentError, "Required argument 'service' missing" unless arguments[:service]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _namespace = arguments.delete(:namespace)

  _service = arguments.delete(:service)

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/service/#{Utils.__listify(_namespace)}/#{Utils.__listify(_service)}/credential"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_settings(arguments = {}) ⇒ Object

Retrieve settings for the security system indices

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-settings.html

# File 'lib/elasticsearch/api/actions/security/get_settings.rb', line 31

def get_settings(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_settings' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/settings'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_token(arguments = {}) ⇒ Object

Creates a bearer token for access without requiring basic authentication.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The token request to get (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-token.html

# File 'lib/elasticsearch/api/actions/security/get_token.rb', line 32

def get_token(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_token' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/oauth2/token'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_user(arguments = {}) ⇒ Object

Retrieves information about users in the native realm and built-in users.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :username (List) —

  A comma-separated list of usernames

• :with_profile_uid (Boolean) —

  flag to retrieve profile uid (if exists) associated to the user

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-user.html

# File 'lib/elasticsearch/api/actions/security/get_user.rb', line 33

def get_user(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_user' }

  defined_params = [:username].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_GET
  path   = if _username
             "_security/user/#{Utils.__listify(_username)}"
           else
             '_security/user'
           end
  params = Utils.process_params(arguments)

  if Array(arguments[:ignore]).include?(404)
    Utils.__rescue_from_not_found do
      Elasticsearch::API::Response.new(
        perform_request(method, path, params, body, headers, request_opts)
      )
    end
  else
    Elasticsearch::API::Response.new(
      perform_request(method, path, params, body, headers, request_opts)
    )
  end
end

#get_user_privileges(arguments = {}) ⇒ Object

Retrieves security privileges for the logged in user.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-user-privileges.html

# File 'lib/elasticsearch/api/actions/security/get_user_privileges.rb', line 31

def get_user_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_user_privileges' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_security/user/_privileges'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#get_user_profile(arguments = {}) ⇒ Object

Retrieves user profiles for the given unique ID(s).

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :uid (List) —

  A comma-separated list of unique identifier for user profiles

• :data (List) —

  A comma-separated list of keys for which the corresponding application data are retrieved.

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-get-user-profile.html

# File 'lib/elasticsearch/api/actions/security/get_user_profile.rb', line 33

def get_user_profile(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.get_user_profile' }

  defined_params = [:uid].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = nil

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/profile/#{Utils.__listify(_uid)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#grant_api_key(arguments = {}) ⇒ Object

Creates an API key on behalf of another user.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The api key request to create an API key (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-grant-api-key.html

# File 'lib/elasticsearch/api/actions/security/grant_api_key.rb', line 33

def grant_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.grant_api_key' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/api_key/grant'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#has_privileges(arguments = {}) ⇒ Object

Determines whether the specified user has a specified list of privileges.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :user (String) —

  Username

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The privileges to test (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-has-privileges.html

# File 'lib/elasticsearch/api/actions/security/has_privileges.rb', line 33

def has_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.has_privileges' }

  defined_params = [:user].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _user = arguments.delete(:user)

  method = Elasticsearch::API::HTTP_POST
  path   = if _user
             "_security/user/#{Utils.__listify(_user)}/_has_privileges"
           else
             '_security/user/_has_privileges'
           end
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#has_privileges_user_profile(arguments = {}) ⇒ Object

Determines whether the users associated with the specified profile IDs have all the requested privileges.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The privileges to check and the list of profile IDs (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-has-privileges-user-profile.html

# File 'lib/elasticsearch/api/actions/security/has_privileges_user_profile.rb', line 32

def has_privileges_user_profile(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.has_privileges_user_profile' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/profile/_has_privileges'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#invalidate_api_key(arguments = {}) ⇒ Object

Invalidates one or more API keys.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The api key request to invalidate API key(s) (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-invalidate-api-key.html

# File 'lib/elasticsearch/api/actions/security/invalidate_api_key.rb', line 32

def invalidate_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.invalidate_api_key' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_DELETE
  path   = '_security/api_key'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#invalidate_token(arguments = {}) ⇒ Object

Invalidates one or more access tokens or refresh tokens.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The token to invalidate (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-invalidate-token.html

# File 'lib/elasticsearch/api/actions/security/invalidate_token.rb', line 32

def invalidate_token(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.invalidate_token' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_DELETE
  path   = '_security/oauth2/token'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#oidc_authenticate(arguments = {}) ⇒ Object

Exchanges an OpenID Connection authentication response message for an Elasticsearch access token and refresh token pair

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The OpenID Connect response to authenticate (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-oidc-authenticate.html

# File 'lib/elasticsearch/api/actions/security/oidc_authenticate.rb', line 32

def oidc_authenticate(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.oidc_authenticate' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/oidc/authenticate'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#oidc_logout(arguments = {}) ⇒ Object

Invalidates a refresh token and access token that was generated from the OpenID Connect Authenticate API

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  Access token and refresh token to invalidate (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-oidc-logout.html

# File 'lib/elasticsearch/api/actions/security/oidc_logout.rb', line 32

def oidc_logout(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.oidc_logout' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/oidc/logout'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#oidc_prepare_authentication(arguments = {}) ⇒ Object

Creates an OAuth 2.0 authentication request as a URL string

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The OpenID Connect authentication realm configuration (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-oidc-prepare-authentication.html

# File 'lib/elasticsearch/api/actions/security/oidc_prepare_authentication.rb', line 32

def oidc_prepare_authentication(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.oidc_prepare_authentication' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/oidc/prepare'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#put_privileges(arguments = {}) ⇒ Object

Adds or updates application privileges.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The privilege(s) to add (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-put-privileges.html

# File 'lib/elasticsearch/api/actions/security/put_privileges.rb', line 33

def put_privileges(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.put_privileges' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_PUT
  path   = '_security/privilege'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#put_role(arguments = {}) ⇒ Object

Adds and updates roles in the native realm.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (String) —

  Role name

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The role to add (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-put-role.html

# File 'lib/elasticsearch/api/actions/security/put_role.rb', line 34

def put_role(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.put_role' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/role/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#put_role_mapping(arguments = {}) ⇒ Object

Creates and updates role mappings.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :name (String) —

  Role-mapping name

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The role mapping to add (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-put-role-mapping.html

# File 'lib/elasticsearch/api/actions/security/put_role_mapping.rb', line 34

def put_role_mapping(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.put_role_mapping' }

  defined_params = [:name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'name' missing" unless arguments[:name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _name = arguments.delete(:name)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/role_mapping/#{Utils.__listify(_name)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#put_user(arguments = {}) ⇒ Object

Adds and updates users in the native realm. These users are commonly referred to as native users.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :username (String) —

  The username of the User

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The user to add (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-put-user.html

# File 'lib/elasticsearch/api/actions/security/put_user.rb', line 34

def put_user(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.put_user' }

  defined_params = [:username].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'username' missing" unless arguments[:username]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _username = arguments.delete(:username)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/user/#{Utils.__listify(_username)}"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#query_api_keys(arguments = {}) ⇒ Object

Retrieves information for API keys using a subset of query DSL

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :with_limited_by (Boolean) —

  flag to show the limited-by role descriptors of API Keys

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  From, size, query, sort and search_after

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-query-api-key.html

# File 'lib/elasticsearch/api/actions/security/query_api_keys.rb', line 33

def query_api_keys(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.query_api_keys' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = if body
             Elasticsearch::API::HTTP_POST
           else
             Elasticsearch::API::HTTP_GET
           end

  path = '_security/_query/api_key'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#query_user(arguments = {}) ⇒ Object

Retrieves information for Users using a subset of query DSL

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :with_profile_uid (Boolean) —

  flag to retrieve profile uid (if exists) associated with the user

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  From, size, query, sort and search_after

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-query-user.html

# File 'lib/elasticsearch/api/actions/security/query_user.rb', line 33

def query_user(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.query_user' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = if body
             Elasticsearch::API::HTTP_POST
           else
             Elasticsearch::API::HTTP_GET
           end

  path = '_security/_query/user'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#saml_authenticate(arguments = {}) ⇒ Object

Exchanges a SAML Response message for an Elasticsearch access token and refresh token pair

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The SAML response to authenticate (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-saml-authenticate.html

# File 'lib/elasticsearch/api/actions/security/saml_authenticate.rb', line 32

def saml_authenticate(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.saml_authenticate' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/saml/authenticate'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#saml_complete_logout(arguments = {}) ⇒ Object

Verifies the logout response sent from the SAML IdP

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The logout response to verify (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-saml-complete-logout.html

# File 'lib/elasticsearch/api/actions/security/saml_complete_logout.rb', line 32

def saml_complete_logout(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.saml_complete_logout' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/saml/complete_logout'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#saml_invalidate(arguments = {}) ⇒ Object

Consumes a SAML LogoutRequest

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The LogoutRequest message (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-saml-invalidate.html

# File 'lib/elasticsearch/api/actions/security/saml_invalidate.rb', line 32

def saml_invalidate(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.saml_invalidate' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/saml/invalidate'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#saml_logout(arguments = {}) ⇒ Object

Invalidates an access token and a refresh token that were generated via the SAML Authenticate API

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The tokens to invalidate (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-saml-logout.html

# File 'lib/elasticsearch/api/actions/security/saml_logout.rb', line 32

def saml_logout(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.saml_logout' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/saml/logout'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#saml_prepare_authentication(arguments = {}) ⇒ Object

Creates a SAML authentication request

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The realm for which to create the authentication request, identified by either its name or the ACS URL (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-saml-prepare-authentication.html

# File 'lib/elasticsearch/api/actions/security/saml_prepare_authentication.rb', line 32

def saml_prepare_authentication(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.saml_prepare_authentication' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_POST
  path   = '_security/saml/prepare'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#saml_service_provider_metadata(arguments = {}) ⇒ Object

Generates SAML metadata for the Elastic stack SAML 2.0 Service Provider

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :realm_name (String) —

  The name of the SAML realm to get the metadata for

• :headers (Hash) —

  Custom HTTP headers

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-saml-sp-metadata.html

# File 'lib/elasticsearch/api/actions/security/saml_service_provider_metadata.rb', line 32

def saml_service_provider_metadata(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.saml_service_provider_metadata' }

  defined_params = [:realm_name].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'realm_name' missing" unless arguments[:realm_name]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  _realm_name = arguments.delete(:realm_name)

  method = Elasticsearch::API::HTTP_GET
  path   = "_security/saml/metadata/#{Utils.__listify(_realm_name)}"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#suggest_user_profiles(arguments = {}) ⇒ Object

Get suggestions for user profiles that match specified search criteria.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :data (List) —

  A comma-separated list of keys for which the corresponding application data are retrieved.

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The suggestion definition for user profiles

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-suggest-user-profile.html

# File 'lib/elasticsearch/api/actions/security/suggest_user_profiles.rb', line 33

def suggest_user_profiles(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.suggest_user_profiles' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = if body
             Elasticsearch::API::HTTP_POST
           else
             Elasticsearch::API::HTTP_GET
           end

  path = '_security/profile/_suggest'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#update_api_key(arguments = {}) ⇒ Object

Updates attributes of an existing API key.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :id (String) —

  The ID of the API key to update

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The API key request to update attributes of an API key.

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-update-api-key.html

# File 'lib/elasticsearch/api/actions/security/update_api_key.rb', line 33

def update_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.update_api_key' }

  defined_params = [:id].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/api_key/#{Utils.__listify(_id)}"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#update_cross_cluster_api_key(arguments = {}) ⇒ Object

Updates attributes of an existing cross-cluster API key. This functionality is in Beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :id (String) —

  The ID of the cross-cluster API key to update

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The request to update attributes of a cross-cluster API key. (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-update-cross-cluster-api-key.html

# File 'lib/elasticsearch/api/actions/security/update_cross_cluster_api_key.rb', line 37

def update_cross_cluster_api_key(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.update_cross_cluster_api_key' }

  defined_params = [:id].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'id' missing" unless arguments[:id]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = arguments.delete(:body)

  _id = arguments.delete(:id)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/cross_cluster/api_key/#{Utils.__listify(_id)}"
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#update_settings(arguments = {}) ⇒ Object

Update settings for the security system index

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  An object with the new settings for each index, if any (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-update-settings.html

# File 'lib/elasticsearch/api/actions/security/update_settings.rb', line 32

def update_settings(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.update_settings' }

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  method = Elasticsearch::API::HTTP_PUT
  path   = '_security/settings'
  params = {}

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end

#update_user_profile_data(arguments = {}) ⇒ Object

Update application specific data for the user profile of the given unique ID.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :uid (String) —

  An unique identifier of the user profile

• :if_seq_no (Number) —

  only perform the update operation if the last operation that has changed the document has the specified sequence number

• :if_primary_term (Number) —

  only perform the update operation if the last operation that has changed the document has the specified primary term

• :refresh (String) —

  If ‘true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes. (options: true, false, wait_for)

• :headers (Hash) —

  Custom HTTP headers

• :body (Hash) —

  The application data to update (Required)

Raises:

• (ArgumentError)

See Also:

• https://www.elastic.co/guide/en/elasticsearch/reference/8.13/security-api-update-user-profile-data.html

# File 'lib/elasticsearch/api/actions/security/update_user_profile_data.rb', line 36

def update_user_profile_data(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'security.update_user_profile_data' }

  defined_params = [:uid].each_with_object({}) do |variable, set_variables|
    set_variables[variable] = arguments[variable] if arguments.key?(variable)
  end
  request_opts[:defined_params] = defined_params unless defined_params.empty?

  raise ArgumentError, "Required argument 'body' missing" unless arguments[:body]
  raise ArgumentError, "Required argument 'uid' missing" unless arguments[:uid]

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body   = arguments.delete(:body)

  _uid = arguments.delete(:uid)

  method = Elasticsearch::API::HTTP_PUT
  path   = "_security/profile/#{Utils.__listify(_uid)}/_data"
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end