elasticsearch_serverless/_async/client/security.py [827:959]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
self,
*,
aggregations: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
aggs: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
error_trace: t.Optional[bool] = None,
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
from_: t.Optional[int] = None,
human: t.Optional[bool] = None,
pretty: t.Optional[bool] = None,
query: t.Optional[t.Mapping[str, t.Any]] = None,
search_after: t.Optional[
t.Sequence[t.Union[None, bool, float, int, str]]
] = None,
size: t.Optional[int] = None,
sort: t.Optional[
t.Union[
t.Sequence[t.Union[str, t.Mapping[str, t.Any]]],
t.Union[str, t.Mapping[str, t.Any]],
]
] = None,
typed_keys: t.Optional[bool] = None,
with_limited_by: t.Optional[bool] = None,
with_profile_uid: t.Optional[bool] = None,
body: t.Optional[t.Dict[str, t.Any]] = None,
) -> ObjectApiResponse[t.Any]:
"""
.. raw:: html
Find API keys with a query.
Get a paginated list of API keys and their information.
You can optionally filter the results with a query.
To use this API, you must have at least the manage_own_api_key or the read_security cluster privileges.
If you have only the manage_own_api_key privilege, this API returns only the API keys that you own.
If you have the read_security, manage_api_key, or greater privileges (including manage_security), this API returns all API keys regardless of ownership.
``_
:param aggregations: Any aggregations to run over the corpus of returned API
keys. Aggregations and queries work together. Aggregations are computed only
on the API keys that match the query. This supports only a subset of aggregation
types, namely: `terms`, `range`, `date_range`, `missing`, `cardinality`,
`value_count`, `composite`, `filter`, and `filters`. Additionally, aggregations
only run over the same subset of fields that query works with.
:param aggs: Any aggregations to run over the corpus of returned API keys. Aggregations
and queries work together. Aggregations are computed only on the API keys
that match the query. This supports only a subset of aggregation types, namely:
`terms`, `range`, `date_range`, `missing`, `cardinality`, `value_count`,
`composite`, `filter`, and `filters`. Additionally, aggregations only run
over the same subset of fields that query works with.
:param from_: The starting document offset. It must not be negative. By default,
you cannot page through more than 10,000 hits using the `from` and `size`
parameters. To page through more hits, use the `search_after` parameter.
:param query: A query to filter which API keys to return. If the query parameter
is missing, it is equivalent to a `match_all` query. The query supports a
subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`,
`ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`.
You can query the following public information associated with an API key:
`id`, `type`, `name`, `creation`, `expiration`, `invalidated`, `invalidation`,
`username`, `realm`, and `metadata`. NOTE: The queryable string values associated
with API keys are internally mapped as keywords. Consequently, if no `analyzer`
parameter is specified for a `match` query, then the provided match query
string is interpreted as a single keyword value. Such a match query is hence
equivalent to a `term` query.
:param search_after: The search after definition.
:param size: The number of hits to return. It must not be negative. The `size`
parameter can be set to `0`, in which case no API key matches are returned,
only the aggregation results. By default, you cannot page through more than
10,000 hits using the `from` and `size` parameters. To page through more
hits, use the `search_after` parameter.
:param sort: The sort definition. Other than `id`, all public fields of an API
key are eligible for sorting. In addition, sort can also be applied to the
`_doc` field to sort by index order.
:param typed_keys: Determines whether aggregation names are prefixed by their
respective types in the response.
:param with_limited_by: Return the snapshot of the owner user's role descriptors
associated with the API key. An API key's actual permission is the intersection
of its assigned role descriptors and the owner user's role descriptors (effectively
limited by it). An API key cannot retrieve any API key’s limited-by role
descriptors (including itself) unless it has `manage_api_key` or higher privileges.
:param with_profile_uid: Determines whether to also retrieve the profile UID
for the API key owner principal. If it exists, the profile UID is returned
under the `profile_uid` response field for each API key.
"""
__path_parts: t.Dict[str, str] = {}
__path = "/_security/_query/api_key"
__query: t.Dict[str, t.Any] = {}
__body: t.Dict[str, t.Any] = body if body is not None else {}
# The 'sort' parameter with a colon can't be encoded to the body.
if sort is not None and (
(isinstance(sort, str) and ":" in sort)
or (
isinstance(sort, (list, tuple))
and all(isinstance(_x, str) for _x in sort)
and any(":" in _x for _x in sort)
)
):
__query["sort"] = sort
sort = None
if error_trace is not None:
__query["error_trace"] = error_trace
if filter_path is not None:
__query["filter_path"] = filter_path
if human is not None:
__query["human"] = human
if pretty is not None:
__query["pretty"] = pretty
if typed_keys is not None:
__query["typed_keys"] = typed_keys
if with_limited_by is not None:
__query["with_limited_by"] = with_limited_by
if with_profile_uid is not None:
__query["with_profile_uid"] = with_profile_uid
if not __body:
if aggregations is not None:
__body["aggregations"] = aggregations
if aggs is not None:
__body["aggs"] = aggs
if from_ is not None:
__body["from"] = from_
if query is not None:
__body["query"] = query
if search_after is not None:
__body["search_after"] = search_after
if size is not None:
__body["size"] = size
if sort is not None:
__body["sort"] = sort
if not __body:
__body = None # type: ignore[assignment]
__headers = {"accept": "application/json"}
if __body is not None:
__headers["content-type"] = "application/json"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
elasticsearch_serverless/_sync/client/security.py [827:959]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
self,
*,
aggregations: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
aggs: t.Optional[t.Mapping[str, t.Mapping[str, t.Any]]] = None,
error_trace: t.Optional[bool] = None,
filter_path: t.Optional[t.Union[str, t.Sequence[str]]] = None,
from_: t.Optional[int] = None,
human: t.Optional[bool] = None,
pretty: t.Optional[bool] = None,
query: t.Optional[t.Mapping[str, t.Any]] = None,
search_after: t.Optional[
t.Sequence[t.Union[None, bool, float, int, str]]
] = None,
size: t.Optional[int] = None,
sort: t.Optional[
t.Union[
t.Sequence[t.Union[str, t.Mapping[str, t.Any]]],
t.Union[str, t.Mapping[str, t.Any]],
]
] = None,
typed_keys: t.Optional[bool] = None,
with_limited_by: t.Optional[bool] = None,
with_profile_uid: t.Optional[bool] = None,
body: t.Optional[t.Dict[str, t.Any]] = None,
) -> ObjectApiResponse[t.Any]:
"""
.. raw:: html
Find API keys with a query.
Get a paginated list of API keys and their information.
You can optionally filter the results with a query.
To use this API, you must have at least the manage_own_api_key or the read_security cluster privileges.
If you have only the manage_own_api_key privilege, this API returns only the API keys that you own.
If you have the read_security, manage_api_key, or greater privileges (including manage_security), this API returns all API keys regardless of ownership.
``_
:param aggregations: Any aggregations to run over the corpus of returned API
keys. Aggregations and queries work together. Aggregations are computed only
on the API keys that match the query. This supports only a subset of aggregation
types, namely: `terms`, `range`, `date_range`, `missing`, `cardinality`,
`value_count`, `composite`, `filter`, and `filters`. Additionally, aggregations
only run over the same subset of fields that query works with.
:param aggs: Any aggregations to run over the corpus of returned API keys. Aggregations
and queries work together. Aggregations are computed only on the API keys
that match the query. This supports only a subset of aggregation types, namely:
`terms`, `range`, `date_range`, `missing`, `cardinality`, `value_count`,
`composite`, `filter`, and `filters`. Additionally, aggregations only run
over the same subset of fields that query works with.
:param from_: The starting document offset. It must not be negative. By default,
you cannot page through more than 10,000 hits using the `from` and `size`
parameters. To page through more hits, use the `search_after` parameter.
:param query: A query to filter which API keys to return. If the query parameter
is missing, it is equivalent to a `match_all` query. The query supports a
subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`,
`ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`.
You can query the following public information associated with an API key:
`id`, `type`, `name`, `creation`, `expiration`, `invalidated`, `invalidation`,
`username`, `realm`, and `metadata`. NOTE: The queryable string values associated
with API keys are internally mapped as keywords. Consequently, if no `analyzer`
parameter is specified for a `match` query, then the provided match query
string is interpreted as a single keyword value. Such a match query is hence
equivalent to a `term` query.
:param search_after: The search after definition.
:param size: The number of hits to return. It must not be negative. The `size`
parameter can be set to `0`, in which case no API key matches are returned,
only the aggregation results. By default, you cannot page through more than
10,000 hits using the `from` and `size` parameters. To page through more
hits, use the `search_after` parameter.
:param sort: The sort definition. Other than `id`, all public fields of an API
key are eligible for sorting. In addition, sort can also be applied to the
`_doc` field to sort by index order.
:param typed_keys: Determines whether aggregation names are prefixed by their
respective types in the response.
:param with_limited_by: Return the snapshot of the owner user's role descriptors
associated with the API key. An API key's actual permission is the intersection
of its assigned role descriptors and the owner user's role descriptors (effectively
limited by it). An API key cannot retrieve any API key’s limited-by role
descriptors (including itself) unless it has `manage_api_key` or higher privileges.
:param with_profile_uid: Determines whether to also retrieve the profile UID
for the API key owner principal. If it exists, the profile UID is returned
under the `profile_uid` response field for each API key.
"""
__path_parts: t.Dict[str, str] = {}
__path = "/_security/_query/api_key"
__query: t.Dict[str, t.Any] = {}
__body: t.Dict[str, t.Any] = body if body is not None else {}
# The 'sort' parameter with a colon can't be encoded to the body.
if sort is not None and (
(isinstance(sort, str) and ":" in sort)
or (
isinstance(sort, (list, tuple))
and all(isinstance(_x, str) for _x in sort)
and any(":" in _x for _x in sort)
)
):
__query["sort"] = sort
sort = None
if error_trace is not None:
__query["error_trace"] = error_trace
if filter_path is not None:
__query["filter_path"] = filter_path
if human is not None:
__query["human"] = human
if pretty is not None:
__query["pretty"] = pretty
if typed_keys is not None:
__query["typed_keys"] = typed_keys
if with_limited_by is not None:
__query["with_limited_by"] = with_limited_by
if with_profile_uid is not None:
__query["with_profile_uid"] = with_profile_uid
if not __body:
if aggregations is not None:
__body["aggregations"] = aggregations
if aggs is not None:
__body["aggs"] = aggs
if from_ is not None:
__body["from"] = from_
if query is not None:
__body["query"] = query
if search_after is not None:
__body["search_after"] = search_after
if size is not None:
__body["size"] = size
if sort is not None:
__body["sort"] = sort
if not __body:
__body = None # type: ignore[assignment]
__headers = {"accept": "application/json"}
if __body is not None:
__headers["content-type"] = "application/json"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -