Retrieves information about service accounts.
Currently, only the elastic/fleet-server service account is available.
GET /_security/service
GET /_security/service/<namespace>
GET /_security/service/<namespace>/<service>
-
To use this API, you must have at least the
manage_service_accountcluster privilege.
-
namespace -
(Optional, string) Name of the namespace. Omit this parameter to retrieve information about all service accounts. If you omit this parameter, you must also omit the
serviceparameter. -
service -
(Optional, string) Name of the service name. Omit this parameter to
retrieve information about all service accounts that belong to the specified
namespace.
A successful call returns a JSON object of service accounts. The API returns an empty object if no service account is found.
To following request retrieves a service account for the elastic/fleet-server
service account:
GET /_security/service/elastic/fleet-server
{
"elastic/fleet-server": {
"role_descriptor": {
"cluster": [
"monitor",
"manage_own_api_key"
],
"indices": [
{
"names": [
"logs-*",
"metrics-*",
"traces-*",
"synthetics-*",
".logs-endpoint.diagnostic.collection-*",
".logs-endpoint.action.responses-*"
],
"privileges": [
"write",
"create_index",
"auto_configure"
],
"allow_restricted_indices": false
},
{
"names" : [
"traces-apm.sampled-*"
],
"privileges" : [
"read",
"monitor",
"maintenance"
],
"allow_restricted_indices": false
},
{
"names": [
".fleet-*"
],
"privileges": [
"read",
"write",
"monitor",
"create_index",
"auto_configure",
"maintenance"
],
"allow_restricted_indices": true
}
],
"applications": [
{
"application" : "kibana-*",
"privileges" : [
"reserved_fleet-setup"
],
"resources" : [
"*"
]
}
],
"run_as": [],
"metadata": {},
"transient_metadata": {
"enabled": true
}
}
}
}
Omit the namespace and service to retrieve all service accounts:
GET /_security/service