honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Removes redundant role examples 

Original commit: elastic/x-pack-elasticsearch@ac17cbbdfd
This commit is contained in:
lcawley 2018-04-12 16:47:45 -07:00
parent 76c764b379
commit c09c9e13d7
2 changed files with 8 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/en/rest-api/security/roles.asciidoc
View File

@ -164,6 +164,10 @@ GET /_xpack/security/role
// CONSOLE // CONSOLE
// TEST[continued] // TEST[continued]
NOTE: If single role is requested, that role is returned as the response. When
requesting multiple roles, an object is returned holding the found roles, each
keyed by the relevant role name.
[[security-api-delete-role]] [[security-api-delete-role]]
To delete a role, submit a DELETE request to the `/_xpack/security/role/<rolename>` To delete a role, submit a DELETE request to the `/_xpack/security/role/<rolename>`
endpoint: endpoint:

98
docs/en/security/authorization.asciidoc
View File

@ -278,7 +278,7 @@ see <<custom-roles-provider, Custom Roles Provider Extension>>.
=== Role Management UI === Role Management UI
{security} enables you to easily manage users and roles from within {kib}. To {security} enables you to easily manage users and roles from within {kib}. To
manage roles, log in to {kib} and go to *Management / Elasticsearch / Roles*. manage roles, log in to {kib} and go to *Management / Elasticsearch / Roles*.
[float] [float]
[[roles-management-api]] [[roles-management-api]]
@ -286,104 +286,14 @@ manage roles, log in to {kib} and go to *Management / Elasticsearch / Roles*.
The _Role Management APIs_ enable you to add, update, remove and retrieve roles The _Role Management APIs_ enable you to add, update, remove and retrieve roles
dynamically. When you use the APIs to manage roles in the `native` realm, the dynamically. When you use the APIs to manage roles in the `native` realm, the
roles are stored in an internal {es} index. roles are stored in an internal {es} index. For more information and examples,
see {ref}/security-api-roles.html[Role Management APIs].
[[roles-api-add]]
==== Adding a Role
To add a role, submit a PUT or POST request to the `/_xpack/security/role/<name>`
endpoint.
[source,js]
--------------------------------------------------
POST /_xpack/security/role/clicks_admin
{
"run_as": [ "clicks_watcher_1" ],
"cluster": [ "monitor" ],
"indices": [
{
"names": [ "events-*" ],
"privileges": [ "read" ],
"field_security" : {
"grant" : [ "category", "@timestamp", "message" ]
},
"query": "{\"match\": {\"category\": \"click\"}}"
}
]
}
--------------------------------------------------
// CONSOLE
// TESTSETUP
NOTE: This API can also be used for updating role definitions.
[[roles-api-list]]
==== List Role
To retrieve all roles, submit a GET request to the `/_xpack/security/role` endpoint:
[source,js]
--------------------------------------------------
GET /_xpack/security/role
--------------------------------------------------
// CONSOLE
To retrieve particular roles, specify the roles as a comma-separated list:
[source,js]
--------------------------------------------------
GET /_xpack/security/role/clicks_admin
--------------------------------------------------
// CONSOLE
Response:
[source,js]
--------------------------------------------------
{
"clicks_admin": {
"run_as": [ "clicks_watcher_1" ],
"cluster": [ "monitor" ],
"indices": [
{
"names": [ "events-*" ],
"privileges": [ "read" ],
"field_security" : {
"grant" : [ "category", "@timestamp", "message" ]
},
"query": "{\"match\": {\"category\": \"click\"}}"
}
],
"metadata": { },
"transient_metadata": {
"enabled": true
}
}
}
--------------------------------------------------
// TESTRESPONSE
NOTE: If single role is requested, that role is returned as the response. When
requesting multiple roles, an object is returned holding the found roles,
each keyed by the relevant role name.
[[roles-api-delete]]
==== Deleting a Role
To delete a role, submit a DELETE request to the `/_xpack/security/role/<name>`
endpoint:
[source,js]
--------------------------------------------------
DELETE /_xpack/security/role/clicks_admin
--------------------------------------------------
// CONSOLE
[float] [float]
[[roles-management-file]] [[roles-management-file]]
=== File-based Role Management === File-based Role Management
Apart from the _Role Management APIs_ roles can also be defined in local Apart from the _Role Management APIs_, roles can also be defined in local
`roles.yml` file located in `CONFIG_DIR/x-pack`. This is a YAML file where each `roles.yml` file located in `CONFIG_DIR/x-pack`. This is a YAML file where each
role definition is keyed by its name. role definition is keyed by its name.