Package co.elastic.clients.elasticsearch.security

Class RoleDescriptor

java.lang.Object
co.elastic.clients.elasticsearch.security.RoleDescriptor
All Implemented Interfaces:
JsonpSerializable
Direct Known Subclasses:
QueryRole
@JsonpDeserializable public class RoleDescriptor extends Object implements JsonpSerializable
See Also:

  • Field Details

  • Constructor Details

  • Method Details

    • roleDescriptorOf

      public static RoleDescriptor roleDescriptorOf(Function<RoleDescriptor.Builder,ObjectBuilder<RoleDescriptor>> fn)

    • cluster

      public final List<String> cluster()
      A list of cluster privileges. These privileges define the cluster level actions that API keys are able to execute.

      API name: cluster

    • indices

      public final List<IndicesPrivileges> indices()
      A list of indices permissions entries.

      API name: indices

    • remoteIndices

      public final List<RemoteIndicesPrivileges> remoteIndices()
      A list of indices permissions for remote clusters.

      API name: remote_indices

    • remoteCluster

      public final List<RemoteClusterPrivileges> remoteCluster()
      A list of cluster permissions for remote clusters. NOTE: This is limited a subset of the cluster permissions.

      API name: remote_cluster

    • global

      public final List<GlobalPrivilege> global()
      An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.

      API name: global

    • applications

      public final List<ApplicationPrivileges> applications()
      A list of application privilege entries

      API name: applications

    • metadata

      public final Map<String,JsonData> metadata()
      Optional meta-data. Within the metadata object, keys that begin with _ are reserved for system usage.

      API name: metadata

    • runAs

      public final List<String> runAs()
      A list of users that the API keys can impersonate. NOTE: In Elastic Cloud Serverless, the run-as feature is disabled. For API compatibility, you can still specify an empty run_as field, but a non-empty list will be rejected.

      API name: run_as

    • description

      @Nullable public final String description()
      Optional description of the role descriptor

      API name: description

    • restriction

      @Nullable public final Restriction restriction()
      Restriction for when the role descriptor is allowed to be effective.

      API name: restriction

    • transientMetadata

      public final Map<String,JsonData> transientMetadata()
      API name: transient_metadata

    • serialize

      public void serialize(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)
      Serialize this object to JSON.
      Specified by:
      serialize in interface JsonpSerializable

    • serializeInternal

      protected void serializeInternal(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • setupRoleDescriptorDeserializer

      protected static <BuilderT extends RoleDescriptor.AbstractBuilder<BuilderT>> void setupRoleDescriptorDeserializer(ObjectDeserializer<BuilderT> op)