Security Client

class opensearchpy.client.security.SecurityClient(client)[source]

Bases: NamespacedClient

Parameters:: client (Any) –

authinfo(params=None, headers=None)[source]

Returns the authentication information.

Parameters:

auth_type – The type of current authentication request.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
verbose – Indicates whether a verbose response should be returned.
params (Any) –
headers (Any) –

Return type:

Any

authtoken(params=None, headers=None)[source]

Returns the authorization token.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

cache(params=None, headers=None)[source]

Not supported for cache API.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

change_password(body, params=None, headers=None)[source]

Changes the password for the current user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

config_upgrade_check(params=None, headers=None)[source]

Check whether or not an upgrade can be performed and what resources can be updated.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

config_upgrade_perform(body=None, params=None, headers=None)[source]

Helps cluster operator upgrade missing defaults and stale default definitions.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_action_group(action_group, body, params=None, headers=None)[source]

Creates or replaces the specified action group.

Parameters:

action_group (Any) – The name of the action group to create or replace.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
action_group –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_allowlist(body, params=None, headers=None)[source]

Creates or replaces the allowlisted APIs. Accessible via Super Admin certificate or REST API permission.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_role(role, body, params=None, headers=None)[source]

Creates or replaces the specified role.

Parameters:

role (Any) – The name of the role to be created.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_role_mapping(role, body, params=None, headers=None)[source]

Creates or replaces the specified role mapping.

Parameters:

role (Any) – The name of the role to create a role mapping for.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_tenant(tenant, body, params=None, headers=None)[source]

Creates or replaces the specified tenant.

Parameters:

tenant (Any) – The name of the tenant to be created.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
tenant –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_update_tenancy_config(body, params=None, headers=None)[source]

Creates or replaces the multi-tenancy configuration. Only accessible to admins and users with REST API permissions.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_user(username, body, params=None, headers=None)[source]

Creates or replaces the specified user.

Parameters:

username (Any) – The name of the user to be created.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

create_user_legacy(username, body, params=None, headers=None)[source]

Creates or replaces the specified user. Legacy API.

Parameters:

username (Any) – The name of the user to be created.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

delete_action_group(action_group, params=None, headers=None)[source]

Delete a specified action group.

Parameters:

action_group (Any) – The name of the action group to delete.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
action_group –
params (Any) –
headers (Any) –

Return type:

Any

delete_distinguished_name(cluster_name, params=None, headers=None)[source]

Deletes all distinguished names in the specified cluster or node allow list. Only accessible to super-admins and with rest-api permissions when enabled.

Parameters:

cluster_name (Any) – The cluster-name to delete from list of distinguished names.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
cluster_name –
params (Any) –
headers (Any) –

Return type:

Any

delete_role(role, params=None, headers=None)[source]

Delete the specified role.

Parameters:

role (Any) – The name of the role to delete.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role –
params (Any) –
headers (Any) –

Return type:

Any

delete_role_mapping(role, params=None, headers=None)[source]

Deletes the specified role mapping.

Parameters:

role (Any) – The name of the role whose mapping needs to delete.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role –
params (Any) –
headers (Any) –

Return type:

Any

delete_tenant(tenant, params=None, headers=None)[source]

Delete the specified tenant.

Parameters:

tenant (Any) – The name of the tenant to delete.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
tenant –
params (Any) –
headers (Any) –

Return type:

Any

delete_user(username, params=None, headers=None)[source]

Delete the specified user.

Parameters:

username (Any) – The name of the user to delete.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
params (Any) –
headers (Any) –

Return type:

Any

delete_user_legacy(username, params=None, headers=None)[source]

Delete the specified user. Legacy API.

Parameters:

username (Any) – The name of the user to delete.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
params (Any) –
headers (Any) –

Return type:

Any

flush_cache(params=None, headers=None)[source]

Flushes the Security plugin user, authentication, and authorization cache.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

generate_obo_token(body, params=None, headers=None)[source]

Generates On-Behalf-Of token for the current user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

generate_user_token(username, params=None, headers=None)[source]

Generates authorization token for the given user.

Parameters:

username (Any) – The name of the user for whom an auth token is to be vended.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
params (Any) –
headers (Any) –

Return type:

Any

generate_user_token_legacy(username, params=None, headers=None)[source]

Generates authorization token for the given user. Legacy API. Not Implemented.

Parameters:

username (Any) – The name of the user for whom an auth token is to be vended.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
params (Any) –
headers (Any) –

Return type:

Any

get_account_details(params=None, headers=None)[source]

Returns account details for the current user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_action_group(action_group, params=None, headers=None)[source]

Retrieves one action group.

Parameters:

action_group (Any) – The name of the action group to retrieve.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
action_group –
params (Any) –
headers (Any) –

Return type:

Any

get_action_groups(params=None, headers=None)[source]

Retrieves all action groups.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_all_certificates(params=None, headers=None)[source]

Retrieves the cluster security certificates.

Parameters:

cert_type – The type of certificates (HTTP, TRANSPORT, ALL) to retrieve from all nodes.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
timeout – The maximum duration, in seconds, to be spent to retrieve certificates from all nodes.
params (Any) –
headers (Any) –

Return type:

Any

get_allowlist(params=None, headers=None)[source]

Retrieves the current list of allowed API accessible to normal user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_audit_configuration(params=None, headers=None)[source]

Retrieves the audit configuration.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_certificates(params=None, headers=None)[source]

Retrieves the cluster security certificates.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_configuration(params=None, headers=None)[source]

Returns the current Security plugin configuration in JSON format.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_dashboards_info(params=None, headers=None)[source]

Retrieves the current security-dashboards plugin configuration.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_distinguished_name(cluster_name, params=None, headers=None)[source]

Retrieves distinguished names. Only accessible to super-admins and with rest- api permissions when enabled.

Parameters:

cluster_name (Any) – The cluster-name to retrieve nodes DN setting for.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
show_all – A boolean flag to include/exclude static nodes DN from final result.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
cluster_name –
params (Any) –
headers (Any) –

Return type:

Any

get_distinguished_names(params=None, headers=None)[source]

Retrieves distinguished names. Only accessible to super-admins and with rest- api permissions when enabled.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
show_all – A boolean flag to include/exclude static nodes DN from final result.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_node_certificates(node_id, params=None, headers=None)[source]

Retrieves the given node’s security certificates.

Parameters:

node_id (Any) – The full-id of the node to retrieve certificates.
cert_type – The type of certificates (HTTP, TRANSPORT, ALL) to retrieve for a node.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
timeout – The maximum duration, in seconds, to be spent to retrieve a node’s certificates.
node_id –
params (Any) –
headers (Any) –

Return type:

Any

get_permissions_info(params=None, headers=None)[source]

Gets the evaluated REST API permissions for the currently logged in user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_role(role, params=None, headers=None)[source]

Retrieves one role.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role (Any) –
params (Any) –
headers (Any) –

Return type:

Any

get_role_mapping(role, params=None, headers=None)[source]

Retrieves one role mapping.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role (Any) –
params (Any) –
headers (Any) –

Return type:

Any

get_role_mappings(params=None, headers=None)[source]

Retrieves all role mappings.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_roles(params=None, headers=None)[source]

Retrieves all roles.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_sslinfo(params=None, headers=None)[source]

Retrieves the SSL configuration information.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
show_dn – A boolean flag to indicate whether all domain names should be returned.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_tenancy_config(params=None, headers=None)[source]

Retrieves multi-tenancy configuration. Only accessible to admins and users with REST API permissions.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_tenant(tenant, params=None, headers=None)[source]

Retrieves one tenant.

Parameters:

tenant (Any) – The name of the tenant to retrieve.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
tenant –
params (Any) –
headers (Any) –

Return type:

Any

get_tenants(params=None, headers=None)[source]

Retrieves all tenants.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_user(username, params=None, headers=None)[source]

Retrieve one internal user.

Parameters:

username (Any) – The name of the user to retrieve.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
params (Any) –
headers (Any) –

Return type:

Any

get_user_legacy(username, params=None, headers=None)[source]

Retrieve one user. Legacy API.

Parameters:

username (Any) – The name of the user to retrieve.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
params (Any) –
headers (Any) –

Return type:

Any

get_users(params=None, headers=None)[source]

Retrieve all internal users.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

get_users_legacy(params=None, headers=None)[source]

Retrieve all internal users. Legacy API.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

health(params=None, headers=None)[source]

Checks to see if the Security plugin is up and running.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
mode – A flag to indicate whether service should consider security-plugin’s status before returning health response. strict mode indicates service should check security plugin status.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

health_check(params=None, headers=None)

Checks to see if the Security plugin is up and running.

Warning

This API will be removed in a future version. Use ‘health’ API instead.

Parameters:

self (Any) –
params (Any) –
headers (Any) –

Return type:

Any

migrate(params=None, headers=None)[source]

Migrates security configuration from v6 to v7.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

patch_action_group(action_group, body, params=None, headers=None)[source]

Updates individual attributes of an action group.

Parameters:

action_group (Any) – The name of the action group to update.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
action_group –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_action_groups(body, params=None, headers=None)[source]

Creates, updates, or deletes multiple action groups in a single call.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_allowlist(body, params=None, headers=None)[source]

Updates the current list of allowed API accessible to normal user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_audit_configuration(body, params=None, headers=None)[source]

A PATCH call is used to update specified fields in the audit configuration.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_configuration(body, params=None, headers=None)[source]

A PATCH call is used to update the existing configuration using the REST API. Only accessible by admins and users with rest api access and only when put or patch is enabled.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_distinguished_name(cluster_name, body=None, params=None, headers=None)[source]

Updates a distinguished cluster name for a specific cluster. Only accessible to super-admins and with rest-api permissions when enabled.

Parameters:

cluster_name (Any) – The cluster-name to update nodesDn value.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
cluster_name –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_distinguished_names(body, params=None, headers=None)[source]

Bulk update of distinguished names. Only accessible to super-admins and with rest-api permissions when enabled.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_role(role, body, params=None, headers=None)[source]

Updates individual attributes of a role.

Parameters:

role (Any) – The name of the role to update.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_role_mapping(role, body, params=None, headers=None)[source]

Updates individual attributes of a role mapping.

Parameters:

role (Any) – The name of the role to update role-mapping for.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
role –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_role_mappings(body, params=None, headers=None)[source]

Creates or updates multiple role mappings in a single call.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_roles(body, params=None, headers=None)[source]

Creates, updates, or deletes multiple roles in a single call.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_tenant(tenant, body, params=None, headers=None)[source]

Add, delete, or modify a single tenant.

Parameters:

tenant (Any) – The name of the tenant to update.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
tenant –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_tenants(body, params=None, headers=None)[source]

Add, delete, or modify multiple tenants in a single call.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_user(username, body, params=None, headers=None)[source]

Updates individual attributes of an internal user.

Parameters:

username (Any) – The name of the user to update.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
username –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

patch_users(body, params=None, headers=None)[source]

Creates, updates, or deletes multiple internal users in a single call.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

post_dashboards_info(params=None, headers=None)[source]

Updates the current security-dashboards plugin configuration.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

reload_http_certificates(params=None, headers=None)[source]

Reload HTTP layer communication certificates.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

reload_transport_certificates(params=None, headers=None)[source]

Reload Transport layer communication certificates.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

tenant_info(params=None, headers=None)[source]

Retrieves the tenant names if any exist. Only accessible to super admins or kibanaserver user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

update_audit_config(body, params=None, headers=None)

A PUT call updates the audit configuration.

Warning

This API will be removed in a future version. Use ‘update_audit_configuration’ API instead.

Parameters:

self (Any) –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

update_audit_configuration(body, params=None, headers=None)[source]

Updates the audit configuration.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

update_configuration(body, params=None, headers=None)[source]

Adds or updates the existing configuration using the REST API. Only accessible by admins and users with rest api access and only when put or patch is enabled.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

update_distinguished_name(cluster_name, body=None, params=None, headers=None)[source]

Adds or updates the specified distinguished names in the cluster or node allow list. Only accessible to super-admins and with rest-api permissions when enabled.

Parameters:

cluster_name (Any) – The cluster-name to create/update nodesDn value for.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
cluster_name –
body (Any) –
params (Any) –
headers (Any) –

Return type:

Any

validate(params=None, headers=None)[source]

Checks whether the v6 security configuration is valid and ready to be migrated to v7.

Parameters:

accept_invalid – A boolean flag to indicate whether invalid v6 configuration should be allowed.
error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

who_am_i(params=None, headers=None)[source]

Gets the user identity related information for currently logged in user.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any

who_am_i_protected(params=None, headers=None)[source]

Gets the user identity related information for currently logged in user. User needs to have access to this endpoint when authorization at REST layer is enabled.

Parameters:

error_trace – Whether to include the stack trace of returned errors.
filter_path – Comma-separated list of filters used to reduce the response.
human – Whether to return human readable values for statistics.
pretty – Whether to pretty format the returned JSON response.
source – The URL-encoded request definition. Useful for libraries that do not accept a request body for non-POST requests.
params (Any) –
headers (Any) –

Return type:

Any