« TrustedEnvironments Definitions »
Elastic Docs Elasticsearch Service Documentation RESTful API API reference documentation

Users - Role Assignments

edit

Users - Role Assignments

edit

Remove Role Assignments

edit

Removes a set of RoleAssignments from the specified User. Currently unavailable in self-hosted ECE.

Request

edit

DELETE /api/v1/users/{user_id}/role_assignments

Path parameters

edit
Name Type Required Description

user_id

string

Y

Identifier for the user; include realm name and id if required

Request body

edit

(RoleAssignments) (required) The Role Assignments to remove

Responses

edit
200

(EmptyResponse)

Role Assignments were successfully removed from the target User

400

(BasicFailedReply)

The target user Id is invalid. (code: role_assignments.invalid_target_user_id)

Headers

x-cloud-error-codes (string; allowed values: [role_assignments.invalid_target_user_id])
The error codes associated with the response
401

(BasicFailedReply)

Credentials were invalid. (code: root.unauthorized)

Headers

x-cloud-error-codes (string; allowed values: [root.unauthorized])
The error codes associated with the response
403

(BasicFailedReply)

You are not authorised to remove the specified RoleAssignments. (code: role_assignments.unauthorized_role_assignments)

Headers

x-cloud-error-codes (string; allowed values: [role_assignments.unauthorized_role_assignments])
The error codes associated with the response

Request example

edit
curl -XDELETE https://api.elastic-cloud.com/api/v1/users/{user_id}/role_assignments \
-H "Authorization: ApiKey $EC_API_KEY" \
-H 'Content-Type: application/json' \
-d '
{
   "deployment" : [
      {
         "all" : true,
         "application_roles" : [
            "string"
         ],
         "deployment_ids" : [
            "string"
         ],
         "organization_id" : "string",
         "role_id" : "string"
      }
   ],
   "organization" : [
      {
         "organization_id" : "string",
         "role_id" : "string"
      }
   ],
   "platform" : [
      {
         "role_id" : "string"
      }
   ],
   "project" : {
      "elasticsearch" : [
         {
            "all" : true,
            "application_roles" : [
               "string"
            ],
            "organization_id" : "string",
            "project_ids" : [
               "string"
            ],
            "role_id" : "string"
         }
      ],
      "observability" : [
         {
            "all" : true,
            "application_roles" : [
               "string"
            ],
            "organization_id" : "string",
            "project_ids" : [
               "string"
            ],
            "role_id" : "string"
         }
      ],
      "security" : [
         {
            "all" : true,
            "application_roles" : [
               "string"
            ],
            "organization_id" : "string",
            "project_ids" : [
               "string"
            ],
            "role_id" : "string"
         }
      ]
   }
}
'

Add Role Assignments

edit

Adds a set of RoleAssignments to the specified User. Currently unavailable in self-hosted ECE.

Request

edit

POST /api/v1/users/{user_id}/role_assignments

Path parameters

edit
Name Type Required Description

user_id

string

Y

Identifier for the user; include realm name and id if required

Request body

edit

(RoleAssignments) (required) The Role Assignments to add

Responses

edit
200

(EmptyResponse)

Role Assignments were successfully added to the target User

400

(BasicFailedReply)

The target user Id is invalid. (code: role_assignments.invalid_target_user_id)

Headers

x-cloud-error-codes (string; allowed values: [role_assignments.invalid_target_user_id])
The error codes associated with the response
401

(BasicFailedReply)

Credentials were invalid. (code: root.unauthorized)

Headers

x-cloud-error-codes (string; allowed values: [root.unauthorized])
The error codes associated with the response
403

(BasicFailedReply)

You are not authorised to add the specified RoleAssignments. (code: role_assignments.unauthorized_role_assignments)

Headers

x-cloud-error-codes (string; allowed values: [role_assignments.unauthorized_role_assignments])
The error codes associated with the response

Request example

edit
curl -XPOST https://api.elastic-cloud.com/api/v1/users/{user_id}/role_assignments \
-H "Authorization: ApiKey $EC_API_KEY" \
-H 'Content-Type: application/json' \
-d '
{
   "deployment" : [
      {
         "all" : true,
         "application_roles" : [
            "string"
         ],
         "deployment_ids" : [
            "string"
         ],
         "organization_id" : "string",
         "role_id" : "string"
      }
   ],
   "organization" : [
      {
         "organization_id" : "string",
         "role_id" : "string"
      }
   ],
   "platform" : [
      {
         "role_id" : "string"
      }
   ],
   "project" : {
      "elasticsearch" : [
         {
            "all" : true,
            "application_roles" : [
               "string"
            ],
            "organization_id" : "string",
            "project_ids" : [
               "string"
            ],
            "role_id" : "string"
         }
      ],
      "observability" : [
         {
            "all" : true,
            "application_roles" : [
               "string"
            ],
            "organization_id" : "string",
            "project_ids" : [
               "string"
            ],
            "role_id" : "string"
         }
      ],
      "security" : [
         {
            "all" : true,
            "application_roles" : [
               "string"
            ],
            "organization_id" : "string",
            "project_ids" : [
               "string"
            ],
            "role_id" : "string"
         }
      ]
   }
}
'
« TrustedEnvironments Definitions »