Viewing docs for elasticstack 0.15.0
published on Thursday, May 14, 2026 by elastic
published on Thursday, May 14, 2026 by elastic
Viewing docs for elasticstack 0.15.0
published on Thursday, May 14, 2026 by elastic
published on Thursday, May 14, 2026 by elastic
Retrieves roles in the native realm. See, https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role.html
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as elasticstack from "@pulumi/elasticstack";
// Look up a built-in cluster role that always exists.
const role = elasticstack.getElasticsearchSecurityRole({
name: "superuser",
});
import pulumi
import pulumi_elasticstack as elasticstack
# Look up a built-in cluster role that always exists.
role = elasticstack.get_elasticsearch_security_role(name="superuser")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/elasticstack/elasticstack"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Look up a built-in cluster role that always exists.
_, err := elasticstack.LookupElasticsearchSecurityRole(ctx, &elasticstack.LookupElasticsearchSecurityRoleArgs{
Name: "superuser",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Elasticstack = Pulumi.Elasticstack;
return await Deployment.RunAsync(() =>
{
// Look up a built-in cluster role that always exists.
var role = Elasticstack.GetElasticsearchSecurityRole.Invoke(new()
{
Name = "superuser",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.elasticstack.ElasticstackFunctions;
import com.pulumi.elasticstack.inputs.GetElasticsearchSecurityRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Look up a built-in cluster role that always exists.
final var role = ElasticstackFunctions.getElasticsearchSecurityRole(GetElasticsearchSecurityRoleArgs.builder()
.name("superuser")
.build());
}
}
variables:
# Look up a built-in cluster role that always exists.
role:
fn::invoke:
function: elasticstack:getElasticsearchSecurityRole
arguments:
name: superuser
Example coming soon!
Using getElasticsearchSecurityRole
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getElasticsearchSecurityRole(args: GetElasticsearchSecurityRoleArgs, opts?: InvokeOptions): Promise<GetElasticsearchSecurityRoleResult>
function getElasticsearchSecurityRoleOutput(args: GetElasticsearchSecurityRoleOutputArgs, opts?: InvokeOptions): Output<GetElasticsearchSecurityRoleResult>def get_elasticsearch_security_role(elasticsearch_connections: Optional[Sequence[GetElasticsearchSecurityRoleElasticsearchConnection]] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetElasticsearchSecurityRoleResult
def get_elasticsearch_security_role_output(elasticsearch_connections: pulumi.Input[Optional[Sequence[pulumi.Input[GetElasticsearchSecurityRoleElasticsearchConnectionArgs]]]] = None,
name: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetElasticsearchSecurityRoleResult]func LookupElasticsearchSecurityRole(ctx *Context, args *LookupElasticsearchSecurityRoleArgs, opts ...InvokeOption) (*LookupElasticsearchSecurityRoleResult, error)
func LookupElasticsearchSecurityRoleOutput(ctx *Context, args *LookupElasticsearchSecurityRoleOutputArgs, opts ...InvokeOption) LookupElasticsearchSecurityRoleResultOutput> Note: This function is named LookupElasticsearchSecurityRole in the Go SDK.
public static class GetElasticsearchSecurityRole
{
public static Task<GetElasticsearchSecurityRoleResult> InvokeAsync(GetElasticsearchSecurityRoleArgs args, InvokeOptions? opts = null)
public static Output<GetElasticsearchSecurityRoleResult> Invoke(GetElasticsearchSecurityRoleInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetElasticsearchSecurityRoleResult> getElasticsearchSecurityRole(GetElasticsearchSecurityRoleArgs args, InvokeOptions options)
public static Output<GetElasticsearchSecurityRoleResult> getElasticsearchSecurityRole(GetElasticsearchSecurityRoleArgs args, InvokeOptions options)
fn::invoke:
function: elasticstack:index/getElasticsearchSecurityRole:getElasticsearchSecurityRole
arguments:
# arguments dictionarydata "elasticstack_getelasticsearchsecurityrole" "name" {
# arguments
}The following arguments are supported:
- Name string
- The name of the role.
- Elasticsearch
Connections List<GetElasticsearch Security Role Elasticsearch Connection> - Elasticsearch connection configuration block.
- Name string
- The name of the role.
- Elasticsearch
Connections []GetElasticsearch Security Role Elasticsearch Connection - Elasticsearch connection configuration block.
- name string
- The name of the role.
- elasticsearch_
connections list(object) - Elasticsearch connection configuration block.
- name String
- The name of the role.
- elasticsearch
Connections List<GetElasticsearch Security Role Elasticsearch Connection> - Elasticsearch connection configuration block.
- name string
- The name of the role.
- elasticsearch
Connections GetElasticsearch Security Role Elasticsearch Connection[] - Elasticsearch connection configuration block.
- name str
- The name of the role.
- elasticsearch_
connections Sequence[GetElasticsearch Security Role Elasticsearch Connection] - Elasticsearch connection configuration block.
- name String
- The name of the role.
- elasticsearch
Connections List<Property Map> - Elasticsearch connection configuration block.
getElasticsearchSecurityRole Result
The following output properties are available:
- Applications
List<Get
Elasticsearch Security Role Application> - A list of application privilege entries.
- Clusters List<string>
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- Description string
- The description of the role.
- Global string
- An object defining global privileges.
- Id string
- Internal identifier of the resource
- Indices
List<Get
Elasticsearch Security Role Index> - A list of indices permissions entries.
- Metadata string
- Optional meta-data.
- Name string
- The name of the role.
- Remote
Indices List<GetElasticsearch Security Role Remote Index> - A list of remote indices permissions entries.
- Run
As List<string> - Elasticsearch
Connections List<GetElasticsearch Security Role Elasticsearch Connection> - Elasticsearch connection configuration block.
- Applications
[]Get
Elasticsearch Security Role Application - A list of application privilege entries.
- Clusters []string
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- Description string
- The description of the role.
- Global string
- An object defining global privileges.
- Id string
- Internal identifier of the resource
- Indices
[]Get
Elasticsearch Security Role Index - A list of indices permissions entries.
- Metadata string
- Optional meta-data.
- Name string
- The name of the role.
- Remote
Indices []GetElasticsearch Security Role Remote Index - A list of remote indices permissions entries.
- Run
As []string - Elasticsearch
Connections []GetElasticsearch Security Role Elasticsearch Connection - Elasticsearch connection configuration block.
- applications list(object)
- A list of application privilege entries.
- clusters list(string)
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- description string
- The description of the role.
- global string
- An object defining global privileges.
- id string
- Internal identifier of the resource
- indices list(object)
- A list of indices permissions entries.
- metadata string
- Optional meta-data.
- name string
- The name of the role.
- remote_
indices list(object) - A list of remote indices permissions entries.
- run_
as list(string) - elasticsearch_
connections list(object) - Elasticsearch connection configuration block.
- applications
List<Get
Elasticsearch Security Role Application> - A list of application privilege entries.
- clusters List<String>
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- description String
- The description of the role.
- global String
- An object defining global privileges.
- id String
- Internal identifier of the resource
- indices
List<Get
Elasticsearch Security Role Index> - A list of indices permissions entries.
- metadata String
- Optional meta-data.
- name String
- The name of the role.
- remote
Indices List<GetElasticsearch Security Role Remote Index> - A list of remote indices permissions entries.
- run
As List<String> - elasticsearch
Connections List<GetElasticsearch Security Role Elasticsearch Connection> - Elasticsearch connection configuration block.
- applications
Get
Elasticsearch Security Role Application[] - A list of application privilege entries.
- clusters string[]
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- description string
- The description of the role.
- global string
- An object defining global privileges.
- id string
- Internal identifier of the resource
- indices
Get
Elasticsearch Security Role Index[] - A list of indices permissions entries.
- metadata string
- Optional meta-data.
- name string
- The name of the role.
- remote
Indices GetElasticsearch Security Role Remote Index[] - A list of remote indices permissions entries.
- run
As string[] - elasticsearch
Connections GetElasticsearch Security Role Elasticsearch Connection[] - Elasticsearch connection configuration block.
- applications
Sequence[Get
Elasticsearch Security Role Application] - A list of application privilege entries.
- clusters Sequence[str]
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- description str
- The description of the role.
- global_ str
- An object defining global privileges.
- id str
- Internal identifier of the resource
- indices
Sequence[Get
Elasticsearch Security Role Index] - A list of indices permissions entries.
- metadata str
- Optional meta-data.
- name str
- The name of the role.
- remote_
indices Sequence[GetElasticsearch Security Role Remote Index] - A list of remote indices permissions entries.
- run_
as Sequence[str] - elasticsearch_
connections Sequence[GetElasticsearch Security Role Elasticsearch Connection] - Elasticsearch connection configuration block.
- applications List<Property Map>
- A list of application privilege entries.
- clusters List<String>
- A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute.
- description String
- The description of the role.
- global String
- An object defining global privileges.
- id String
- Internal identifier of the resource
- indices List<Property Map>
- A list of indices permissions entries.
- metadata String
- Optional meta-data.
- name String
- The name of the role.
- remote
Indices List<Property Map> - A list of remote indices permissions entries.
- run
As List<String> - elasticsearch
Connections List<Property Map> - Elasticsearch connection configuration block.
Supporting Types
GetElasticsearchSecurityRoleApplication
- Application string
- The name of the application to which this entry applies.
- Privileges List<string>
- A list of strings, where each element is the name of an application privilege or action.
- Resources List<string>
- A list resources to which the privileges are applied.
- Application string
- The name of the application to which this entry applies.
- Privileges []string
- A list of strings, where each element is the name of an application privilege or action.
- Resources []string
- A list resources to which the privileges are applied.
- application string
- The name of the application to which this entry applies.
- privileges list(string)
- A list of strings, where each element is the name of an application privilege or action.
- resources list(string)
- A list resources to which the privileges are applied.
- application String
- The name of the application to which this entry applies.
- privileges List<String>
- A list of strings, where each element is the name of an application privilege or action.
- resources List<String>
- A list resources to which the privileges are applied.
- application string
- The name of the application to which this entry applies.
- privileges string[]
- A list of strings, where each element is the name of an application privilege or action.
- resources string[]
- A list resources to which the privileges are applied.
- application str
- The name of the application to which this entry applies.
- privileges Sequence[str]
- A list of strings, where each element is the name of an application privilege or action.
- resources Sequence[str]
- A list resources to which the privileges are applied.
- application String
- The name of the application to which this entry applies.
- privileges List<String>
- A list of strings, where each element is the name of an application privilege or action.
- resources List<String>
- A list resources to which the privileges are applied.
GetElasticsearchSecurityRoleElasticsearchConnection
- Api
Key string - API Key to use for authentication to Elasticsearch
- Bearer
Token string - Bearer Token to use for authentication to Elasticsearch
- Ca
Data string - PEM-encoded custom Certificate Authority certificate
- Ca
File string - Path to a custom Certificate Authority certificate
- Cert
Data string - PEM encoded certificate for client auth
- Cert
File string - Path to a file containing the PEM encoded certificate for client auth
- Endpoints List<string>
- Es
Client stringAuthentication - ES Client Authentication field to be used with the JWT token
- Headers Dictionary<string, string>
- A list of headers to be sent with each request to Elasticsearch.
- Insecure bool
- Disable TLS certificate validation
- Key
Data string - PEM encoded private key for client auth
- Key
File string - Path to a file containing the PEM encoded private key for client auth
- Password string
- Password to use for API authentication to Elasticsearch.
- Username string
- Username to use for API authentication to Elasticsearch.
- Api
Key string - API Key to use for authentication to Elasticsearch
- Bearer
Token string - Bearer Token to use for authentication to Elasticsearch
- Ca
Data string - PEM-encoded custom Certificate Authority certificate
- Ca
File string - Path to a custom Certificate Authority certificate
- Cert
Data string - PEM encoded certificate for client auth
- Cert
File string - Path to a file containing the PEM encoded certificate for client auth
- Endpoints []string
- Es
Client stringAuthentication - ES Client Authentication field to be used with the JWT token
- Headers map[string]string
- A list of headers to be sent with each request to Elasticsearch.
- Insecure bool
- Disable TLS certificate validation
- Key
Data string - PEM encoded private key for client auth
- Key
File string - Path to a file containing the PEM encoded private key for client auth
- Password string
- Password to use for API authentication to Elasticsearch.
- Username string
- Username to use for API authentication to Elasticsearch.
- api_
key string - API Key to use for authentication to Elasticsearch
- bearer_
token string - Bearer Token to use for authentication to Elasticsearch
- ca_
data string - PEM-encoded custom Certificate Authority certificate
- ca_
file string - Path to a custom Certificate Authority certificate
- cert_
data string - PEM encoded certificate for client auth
- cert_
file string - Path to a file containing the PEM encoded certificate for client auth
- endpoints list(string)
- es_
client_ stringauthentication - ES Client Authentication field to be used with the JWT token
- headers map(string)
- A list of headers to be sent with each request to Elasticsearch.
- insecure bool
- Disable TLS certificate validation
- key_
data string - PEM encoded private key for client auth
- key_
file string - Path to a file containing the PEM encoded private key for client auth
- password string
- Password to use for API authentication to Elasticsearch.
- username string
- Username to use for API authentication to Elasticsearch.
- api
Key String - API Key to use for authentication to Elasticsearch
- bearer
Token String - Bearer Token to use for authentication to Elasticsearch
- ca
Data String - PEM-encoded custom Certificate Authority certificate
- ca
File String - Path to a custom Certificate Authority certificate
- cert
Data String - PEM encoded certificate for client auth
- cert
File String - Path to a file containing the PEM encoded certificate for client auth
- endpoints List<String>
- es
Client StringAuthentication - ES Client Authentication field to be used with the JWT token
- headers Map<String,String>
- A list of headers to be sent with each request to Elasticsearch.
- insecure Boolean
- Disable TLS certificate validation
- key
Data String - PEM encoded private key for client auth
- key
File String - Path to a file containing the PEM encoded private key for client auth
- password String
- Password to use for API authentication to Elasticsearch.
- username String
- Username to use for API authentication to Elasticsearch.
- api
Key string - API Key to use for authentication to Elasticsearch
- bearer
Token string - Bearer Token to use for authentication to Elasticsearch
- ca
Data string - PEM-encoded custom Certificate Authority certificate
- ca
File string - Path to a custom Certificate Authority certificate
- cert
Data string - PEM encoded certificate for client auth
- cert
File string - Path to a file containing the PEM encoded certificate for client auth
- endpoints string[]
- es
Client stringAuthentication - ES Client Authentication field to be used with the JWT token
- headers {[key: string]: string}
- A list of headers to be sent with each request to Elasticsearch.
- insecure boolean
- Disable TLS certificate validation
- key
Data string - PEM encoded private key for client auth
- key
File string - Path to a file containing the PEM encoded private key for client auth
- password string
- Password to use for API authentication to Elasticsearch.
- username string
- Username to use for API authentication to Elasticsearch.
- api_
key str - API Key to use for authentication to Elasticsearch
- bearer_
token str - Bearer Token to use for authentication to Elasticsearch
- ca_
data str - PEM-encoded custom Certificate Authority certificate
- ca_
file str - Path to a custom Certificate Authority certificate
- cert_
data str - PEM encoded certificate for client auth
- cert_
file str - Path to a file containing the PEM encoded certificate for client auth
- endpoints Sequence[str]
- es_
client_ strauthentication - ES Client Authentication field to be used with the JWT token
- headers Mapping[str, str]
- A list of headers to be sent with each request to Elasticsearch.
- insecure bool
- Disable TLS certificate validation
- key_
data str - PEM encoded private key for client auth
- key_
file str - Path to a file containing the PEM encoded private key for client auth
- password str
- Password to use for API authentication to Elasticsearch.
- username str
- Username to use for API authentication to Elasticsearch.
- api
Key String - API Key to use for authentication to Elasticsearch
- bearer
Token String - Bearer Token to use for authentication to Elasticsearch
- ca
Data String - PEM-encoded custom Certificate Authority certificate
- ca
File String - Path to a custom Certificate Authority certificate
- cert
Data String - PEM encoded certificate for client auth
- cert
File String - Path to a file containing the PEM encoded certificate for client auth
- endpoints List<String>
- es
Client StringAuthentication - ES Client Authentication field to be used with the JWT token
- headers Map<String>
- A list of headers to be sent with each request to Elasticsearch.
- insecure Boolean
- Disable TLS certificate validation
- key
Data String - PEM encoded private key for client auth
- key
File String - Path to a file containing the PEM encoded private key for client auth
- password String
- Password to use for API authentication to Elasticsearch.
- username String
- Username to use for API authentication to Elasticsearch.
GetElasticsearchSecurityRoleIndex
- Allow
Restricted boolIndices - Include matching restricted indices in names parameter.
- Field
Securities List<GetElasticsearch Security Role Index Field Security> - The document fields that the owners of the role have read access to.
- Names List<string>
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- Privileges List<string>
- The index level privileges that the owners of the role have on the specified indices.
- Query string
- A search query that defines the documents the owners of the role have read access to.
- Allow
Restricted boolIndices - Include matching restricted indices in names parameter.
- Field
Securities []GetElasticsearch Security Role Index Field Security - The document fields that the owners of the role have read access to.
- Names []string
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- Privileges []string
- The index level privileges that the owners of the role have on the specified indices.
- Query string
- A search query that defines the documents the owners of the role have read access to.
- allow_
restricted_ boolindices - Include matching restricted indices in names parameter.
- field_
securities list(object) - The document fields that the owners of the role have read access to.
- names list(string)
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges list(string)
- The index level privileges that the owners of the role have on the specified indices.
- query string
- A search query that defines the documents the owners of the role have read access to.
- allow
Restricted BooleanIndices - Include matching restricted indices in names parameter.
- field
Securities List<GetElasticsearch Security Role Index Field Security> - The document fields that the owners of the role have read access to.
- names List<String>
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges List<String>
- The index level privileges that the owners of the role have on the specified indices.
- query String
- A search query that defines the documents the owners of the role have read access to.
- allow
Restricted booleanIndices - Include matching restricted indices in names parameter.
- field
Securities GetElasticsearch Security Role Index Field Security[] - The document fields that the owners of the role have read access to.
- names string[]
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges string[]
- The index level privileges that the owners of the role have on the specified indices.
- query string
- A search query that defines the documents the owners of the role have read access to.
- allow_
restricted_ boolindices - Include matching restricted indices in names parameter.
- field_
securities Sequence[GetElasticsearch Security Role Index Field Security] - The document fields that the owners of the role have read access to.
- names Sequence[str]
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges Sequence[str]
- The index level privileges that the owners of the role have on the specified indices.
- query str
- A search query that defines the documents the owners of the role have read access to.
- allow
Restricted BooleanIndices - Include matching restricted indices in names parameter.
- field
Securities List<Property Map> - The document fields that the owners of the role have read access to.
- names List<String>
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges List<String>
- The index level privileges that the owners of the role have on the specified indices.
- query String
- A search query that defines the documents the owners of the role have read access to.
GetElasticsearchSecurityRoleIndexFieldSecurity
GetElasticsearchSecurityRoleRemoteIndex
- Clusters List<string>
- A list of cluster aliases to which the permissions in this entry apply.
- Field
Securities List<GetElasticsearch Security Role Remote Index Field Security> - The document fields that the owners of the role have read access to.
- Names List<string>
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- Privileges List<string>
- The index level privileges that the owners of the role have on the specified indices.
- Query string
- A search query that defines the documents the owners of the role have read access to.
- Clusters []string
- A list of cluster aliases to which the permissions in this entry apply.
- Field
Securities []GetElasticsearch Security Role Remote Index Field Security - The document fields that the owners of the role have read access to.
- Names []string
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- Privileges []string
- The index level privileges that the owners of the role have on the specified indices.
- Query string
- A search query that defines the documents the owners of the role have read access to.
- clusters list(string)
- A list of cluster aliases to which the permissions in this entry apply.
- field_
securities list(object) - The document fields that the owners of the role have read access to.
- names list(string)
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges list(string)
- The index level privileges that the owners of the role have on the specified indices.
- query string
- A search query that defines the documents the owners of the role have read access to.
- clusters List<String>
- A list of cluster aliases to which the permissions in this entry apply.
- field
Securities List<GetElasticsearch Security Role Remote Index Field Security> - The document fields that the owners of the role have read access to.
- names List<String>
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges List<String>
- The index level privileges that the owners of the role have on the specified indices.
- query String
- A search query that defines the documents the owners of the role have read access to.
- clusters string[]
- A list of cluster aliases to which the permissions in this entry apply.
- field
Securities GetElasticsearch Security Role Remote Index Field Security[] - The document fields that the owners of the role have read access to.
- names string[]
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges string[]
- The index level privileges that the owners of the role have on the specified indices.
- query string
- A search query that defines the documents the owners of the role have read access to.
- clusters Sequence[str]
- A list of cluster aliases to which the permissions in this entry apply.
- field_
securities Sequence[GetElasticsearch Security Role Remote Index Field Security] - The document fields that the owners of the role have read access to.
- names Sequence[str]
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges Sequence[str]
- The index level privileges that the owners of the role have on the specified indices.
- query str
- A search query that defines the documents the owners of the role have read access to.
- clusters List<String>
- A list of cluster aliases to which the permissions in this entry apply.
- field
Securities List<Property Map> - The document fields that the owners of the role have read access to.
- names List<String>
- A list of indices (or index name patterns) to which the permissions in this entry apply.
- privileges List<String>
- The index level privileges that the owners of the role have on the specified indices.
- query String
- A search query that defines the documents the owners of the role have read access to.
GetElasticsearchSecurityRoleRemoteIndexFieldSecurity
Package Details
- Repository
- elasticstack elastic/terraform-provider-elasticstack
- License
- Notes
- This Pulumi package is based on the
elasticstackTerraform Provider.
Viewing docs for elasticstack 0.15.0
published on Thursday, May 14, 2026 by elastic
published on Thursday, May 14, 2026 by elastic
