diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index e4531811ba..019ad1386d 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -30962,6 +30962,127 @@ "x-state": "Added in 7.13.0" } }, + "/_security/settings": { + "get": { + "tags": [ + "security" + ], + "summary": "Get security index settings", + "description": "Get the user-configurable settings for the security internal index (`.security` and associated indices).", + "operationId": "security-get-settings", + "parameters": [ + { + "in": "query", + "name": "master_timeout", + "description": "Period to wait for a connection to the master node.\nIf no response is received before the timeout expires, the request fails and returns an error.", + "deprecated": false, + "schema": { + "$ref": "#/components/schemas/_types:Duration" + }, + "style": "form" + } + ], + "responses": { + "200": { + "description": "", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "security": { + "$ref": "#/components/schemas/security._types:SecuritySettings" + }, + "security-profile": { + "$ref": "#/components/schemas/security._types:SecuritySettings" + }, + "security-tokens": { + "$ref": "#/components/schemas/security._types:SecuritySettings" + } + }, + "required": [ + "security", + "security-profile", + "security-tokens" + ] + } + } + } + } + } + }, + "put": { + "tags": [ + "security" + ], + "summary": "Update security index settings", + "description": "Update the user-configurable settings for the security internal index (`.security` and associated indices). Only a subset of settings are allowed to be modified, for example `index.auto_expand_replicas` and `index.number_of_replicas`.\n\nIf a specific index is not in use on the system and settings are provided for it, the request will be rejected. This API does not yet support configuring the settings for indices before they are in use.", + "operationId": "security-update-settings", + "parameters": [ + { + "in": "query", + "name": "master_timeout", + "description": "The period to wait for a connection to the master node.\nIf no response is received before the timeout expires, the request fails and returns an error.", + "deprecated": false, + "schema": { + "$ref": "#/components/schemas/_types:Duration" + }, + "style": "form" + }, + { + "in": "query", + "name": "timeout", + "description": "The period to wait for a response.\nIf no response is received before the timeout expires, the request fails and returns an error.", + "deprecated": false, + "schema": { + "$ref": "#/components/schemas/_types:Duration" + }, + "style": "form" + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "security": { + "$ref": "#/components/schemas/security._types:SecuritySettings" + }, + "security-profile": { + "$ref": "#/components/schemas/security._types:SecuritySettings" + }, + "security-tokens": { + "$ref": "#/components/schemas/security._types:SecuritySettings" + } + } + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "acknowledged": { + "type": "boolean" + } + }, + "required": [ + "acknowledged" + ] + } + } + } + } + } + } + }, "/_security/oauth2/token": { "post": { "tags": [ @@ -86184,6 +86305,14 @@ "nodes" ] }, + "security._types:SecuritySettings": { + "type": "object", + "properties": { + "index": { + "$ref": "#/components/schemas/indices._types:IndexSettings" + } + } + }, "security.get_token:AccessTokenGrantType": { "type": "string", "enum": [ diff --git a/output/schema/schema.json b/output/schema/schema.json index 45495c7112..52ebbe31f4 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -17066,15 +17066,27 @@ "visibility": "public" } }, - "description": "Retrieve settings for the security system indices", - "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-settings.html", + "description": "Get security index settings.\nGet the user-configurable settings for the security internal index (`.security` and associated indices).", + "docId": "security-api-get-settings", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-settings.html", "name": "security.get_settings", - "request": null, + "privileges": { + "cluster": [ + "read_security" + ] + }, + "request": { + "name": "Request", + "namespace": "security.get_settings" + }, "requestBodyRequired": false, "requestMediaType": [ "application/json" ], - "response": null, + "response": { + "name": "Response", + "namespace": "security.get_settings" + }, "responseMediaType": [ "application/json" ], @@ -18206,15 +18218,27 @@ "visibility": "public" } }, - "description": "Update settings for the security system index", - "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-update-settings.html", + "description": "Update security index settings.\nUpdate the user-configurable settings for the security internal index (`.security` and associated indices). Only a subset of settings are allowed to be modified, for example `index.auto_expand_replicas` and `index.number_of_replicas`.\n\nIf a specific index is not in use on the system and settings are provided for it, the request will be rejected. This API does not yet support configuring the settings for indices before they are in use.", + "docId": "security-api-update-settings", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-update-settings.html", "name": "security.update_settings", - "request": null, + "privileges": { + "cluster": [ + "manage_security" + ] + }, + "request": { + "name": "Request", + "namespace": "security.update_settings" + }, "requestBodyRequired": true, "requestMediaType": [ "application/json" ], - "response": null, + "response": { + "name": "Response", + "namespace": "security.update_settings" + }, "responseMediaType": [ "application/json" ], @@ -193538,6 +193562,27 @@ ], "specLocation": "security/_types/Privileges.ts#L429-L449" }, + { + "kind": "interface", + "name": { + "name": "SecuritySettings", + "namespace": "security._types" + }, + "properties": [ + { + "name": "index", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "IndexSettings", + "namespace": "indices._types" + } + } + } + ], + "specLocation": "security/_types/SecuritySettings.ts#L22-L24" + }, { "kind": "enum", "members": [ @@ -198012,6 +198057,91 @@ }, "specLocation": "security/get_service_credentials/GetServiceCredentialsResponse.ts#L25-L33" }, + { + "kind": "request", + "attachedBehaviors": [ + "CommonQueryParameters" + ], + "body": { + "kind": "no_body" + }, + "description": "Get security index settings.\nGet the user-configurable settings for the security internal index (`.security` and associated indices).", + "inherits": { + "type": { + "name": "RequestBase", + "namespace": "_types" + } + }, + "name": { + "name": "Request", + "namespace": "security.get_settings" + }, + "path": [], + "query": [ + { + "description": "Period to wait for a connection to the master node.\nIf no response is received before the timeout expires, the request fails and returns an error.", + "name": "master_timeout", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Duration", + "namespace": "_types" + } + } + } + ], + "specLocation": "security/get_settings/SecurityGetSettingsRequest.ts#L23-L39" + }, + { + "kind": "response", + "body": { + "kind": "properties", + "properties": [ + { + "description": "Settings for the index used for most security configuration, including native realm users and roles configured with the API.", + "name": "security", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "SecuritySettings", + "namespace": "security._types" + } + } + }, + { + "description": "Settings for the index used to store profile information.", + "name": "security-profile", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "SecuritySettings", + "namespace": "security._types" + } + } + }, + { + "description": "Settings for the index used to store tokens.", + "name": "security-tokens", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "SecuritySettings", + "namespace": "security._types" + } + } + } + ] + }, + "name": { + "name": "Response", + "namespace": "security.get_settings" + }, + "specLocation": "security/get_settings/SecurityGetSettingsResponse.ts#L21-L36" + }, { "kind": "enum", "members": [ @@ -203642,6 +203772,116 @@ }, "specLocation": "security/update_cross_cluster_api_key/UpdateCrossClusterApiKeyResponse.ts#L20-L28" }, + { + "kind": "request", + "attachedBehaviors": [ + "CommonQueryParameters" + ], + "body": { + "kind": "properties", + "properties": [ + { + "description": "Settings for the index used for most security configuration, including native realm users and roles configured with the API.", + "name": "security", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SecuritySettings", + "namespace": "security._types" + } + } + }, + { + "description": "Settings for the index used to store profile information.", + "name": "security-profile", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SecuritySettings", + "namespace": "security._types" + } + } + }, + { + "description": "Settings for the index used to store tokens.", + "name": "security-tokens", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SecuritySettings", + "namespace": "security._types" + } + } + } + ] + }, + "description": "Update security index settings.\nUpdate the user-configurable settings for the security internal index (`.security` and associated indices). Only a subset of settings are allowed to be modified, for example `index.auto_expand_replicas` and `index.number_of_replicas`.\n\nIf a specific index is not in use on the system and settings are provided for it, the request will be rejected. This API does not yet support configuring the settings for indices before they are in use.", + "inherits": { + "type": { + "name": "RequestBase", + "namespace": "_types" + } + }, + "name": { + "name": "Request", + "namespace": "security.update_settings" + }, + "path": [], + "query": [ + { + "description": "The period to wait for a connection to the master node.\nIf no response is received before the timeout expires, the request fails and returns an error.", + "name": "master_timeout", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Duration", + "namespace": "_types" + } + } + }, + { + "description": "The period to wait for a response.\nIf no response is received before the timeout expires, the request fails and returns an error.", + "name": "timeout", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Duration", + "namespace": "_types" + } + } + } + ], + "specLocation": "security/update_settings/SecurityUpdateSettingsRequest.ts#L24-L61" + }, + { + "kind": "response", + "body": { + "kind": "properties", + "properties": [ + { + "name": "acknowledged", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + } + ] + }, + "name": { + "name": "Response", + "namespace": "security.update_settings" + }, + "specLocation": "security/update_settings/SecurityUpdateSettingsResponse.ts#L20-L24" + }, { "kind": "request", "attachedBehaviors": [ diff --git a/output/schema/validation-errors.json b/output/schema/validation-errors.json index 94ec3dafb2..57542f9d1b 100644 --- a/output/schema/validation-errors.json +++ b/output/schema/validation-errors.json @@ -352,12 +352,6 @@ ], "response": [] }, - "security.get_settings": { - "request": [ - "Missing request & response" - ], - "response": [] - }, "security.get_user_privileges": { "request": [ "Request: query parameter 'application' does not exist in the json spec", @@ -372,12 +366,6 @@ ], "response": [] }, - "security.update_settings": { - "request": [ - "Missing request & response" - ], - "response": [] - }, "shutdown.delete_node": { "request": [ "Request: query parameter 'master_timeout' does not exist in the json spec", diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 4b2af8b930..c857087bb9 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -18100,6 +18100,10 @@ export interface SecuritySearchAccess { allow_restricted_indices?: boolean } +export interface SecuritySecuritySettings { + index?: IndicesIndexSettings +} + export type SecurityTemplateFormat = 'string' | 'json' export interface SecurityUser { @@ -18572,6 +18576,16 @@ export interface SecurityGetServiceCredentialsResponse { nodes_credentials: SecurityGetServiceCredentialsNodesCredentials } +export interface SecurityGetSettingsRequest extends RequestBase { + master_timeout?: Duration +} + +export interface SecurityGetSettingsResponse { + security: SecuritySecuritySettings + 'security-profile': SecuritySecuritySettings + 'security-tokens': SecuritySecuritySettings +} + export type SecurityGetTokenAccessTokenGrantType = 'password' | 'client_credentials' | '_kerberos' | 'refresh_token' export interface SecurityGetTokenAuthenticatedUser extends SecurityUser { @@ -19140,6 +19154,20 @@ export interface SecurityUpdateCrossClusterApiKeyResponse { updated: boolean } +export interface SecurityUpdateSettingsRequest extends RequestBase { + master_timeout?: Duration + timeout?: Duration + body?: { + security?: SecuritySecuritySettings + 'security-profile'?: SecuritySecuritySettings + 'security-tokens'?: SecuritySecuritySettings + } +} + +export interface SecurityUpdateSettingsResponse { + acknowledged: boolean +} + export interface SecurityUpdateUserProfileDataRequest extends RequestBase { uid: SecurityUserProfileId if_seq_no?: SequenceNumber diff --git a/specification/_doc_ids/table.csv b/specification/_doc_ids/table.csv index 3e61792f6b..7b06d87c01 100644 --- a/specification/_doc_ids/table.csv +++ b/specification/_doc_ids/table.csv @@ -633,6 +633,7 @@ security-api-get-role-mapping,https://www.elastic.co/guide/en/elasticsearch/refe security-api-get-role,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-role.html security-api-get-service-accounts,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-service-accounts.html security-api-get-service-credentials,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-service-credentials.html +security-api-get-settings,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-settings.html security-api-get-token,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-token.html security-api-get-user-privileges,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-user-privileges.html security-api-get-user,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-get-user.html @@ -658,6 +659,7 @@ security-api-saml-prepare-authentication,https://www.elastic.co/guide/en/elastic security-api-saml-sp-metadata,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-saml-sp-metadata.html security-api-ssl,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-ssl.html security-privileges,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-privileges.html +security-api-update-settings,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/security-api-update-settings.html service-accounts,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/service-accounts.html set-processor,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/set-processor.html shape,https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/shape.html diff --git a/specification/security/_types/SecuritySettings.ts b/specification/security/_types/SecuritySettings.ts new file mode 100644 index 0000000000..0a1f4f28d9 --- /dev/null +++ b/specification/security/_types/SecuritySettings.ts @@ -0,0 +1,24 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { IndexSettings } from '@indices/_types/IndexSettings' + +export class SecuritySettings { + index?: IndexSettings +} diff --git a/specification/security/get_settings/SecurityGetSettingsRequest.ts b/specification/security/get_settings/SecurityGetSettingsRequest.ts new file mode 100644 index 0000000000..5259df096d --- /dev/null +++ b/specification/security/get_settings/SecurityGetSettingsRequest.ts @@ -0,0 +1,39 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { RequestBase } from '@_types/Base' +import { Duration } from '@_types/Time' + +/** + * Get security index settings. + * Get the user-configurable settings for the security internal index (`.security` and associated indices). + * @rest_spec_name security.get_settings + * @availability stack stability=stable visibility=public + * @doc_id security-api-get-settings + * @cluster_privileges read_security + */ +export interface Request extends RequestBase { + query_parameters: { + /** + * Period to wait for a connection to the master node. + * If no response is received before the timeout expires, the request fails and returns an error. + */ + master_timeout?: Duration + } +} diff --git a/specification/security/get_settings/SecurityGetSettingsResponse.ts b/specification/security/get_settings/SecurityGetSettingsResponse.ts new file mode 100644 index 0000000000..dfbed2ed54 --- /dev/null +++ b/specification/security/get_settings/SecurityGetSettingsResponse.ts @@ -0,0 +1,36 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +import { SecuritySettings } from '@security/_types/SecuritySettings' + +export class Response { + body: { + /** + * Settings for the index used for most security configuration, including native realm users and roles configured with the API. + */ + security: SecuritySettings + /** + * Settings for the index used to store profile information. + */ + 'security-profile': SecuritySettings + /** + * Settings for the index used to store tokens. + */ + 'security-tokens': SecuritySettings + } +} diff --git a/specification/security/update_settings/SecurityUpdateSettingsRequest.ts b/specification/security/update_settings/SecurityUpdateSettingsRequest.ts new file mode 100644 index 0000000000..828d49e065 --- /dev/null +++ b/specification/security/update_settings/SecurityUpdateSettingsRequest.ts @@ -0,0 +1,61 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { SecuritySettings } from '@security/_types/SecuritySettings' +import { RequestBase } from '@_types/Base' +import { Duration } from '@_types/Time' + +/** + * Update security index settings. + * Update the user-configurable settings for the security internal index (`.security` and associated indices). Only a subset of settings are allowed to be modified, for example `index.auto_expand_replicas` and `index.number_of_replicas`. + * + * If a specific index is not in use on the system and settings are provided for it, the request will be rejected. This API does not yet support configuring the settings for indices before they are in use. + * @rest_spec_name security.update_settings + * @availability stack stability=stable visibility=public + * @cluster_privileges manage_security + * @doc_id security-api-update-settings + */ +export interface Request extends RequestBase { + query_parameters: { + /** + * The period to wait for a connection to the master node. + * If no response is received before the timeout expires, the request fails and returns an error. + */ + master_timeout?: Duration + /** + * The period to wait for a response. + * If no response is received before the timeout expires, the request fails and returns an error. + */ + timeout?: Duration + } + body: { + /** + * Settings for the index used for most security configuration, including native realm users and roles configured with the API. + */ + security?: SecuritySettings + /** + * Settings for the index used to store profile information. + */ + 'security-profile'?: SecuritySettings + /** + * Settings for the index used to store tokens. + */ + 'security-tokens'?: SecuritySettings + } +} diff --git a/specification/security/update_settings/SecurityUpdateSettingsResponse.ts b/specification/security/update_settings/SecurityUpdateSettingsResponse.ts new file mode 100644 index 0000000000..626e80c3d5 --- /dev/null +++ b/specification/security/update_settings/SecurityUpdateSettingsResponse.ts @@ -0,0 +1,24 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +export class Response { + body: { + acknowledged: boolean + } +}