Update a cross-cluster API key
Generally available
Update the attributes of an existing cross-cluster API key, which is used for API key based remote cluster access.
To use this API, you must have at least the manage_security
cluster privilege.
Users can only update API keys that they created.
To update another user's API key, use the run_as
feature to submit a request on behalf of another user.
IMPORTANT: It's not possible to use an API key as the authentication credential for this API. To update an API key, the owner user's credentials are required.
It's not possible to update expired API keys, or API keys that have been invalidated by the invalidate API key API.
This API supports updates to an API key's access scope, metadata, and expiration.
The owner user's information, such as the username
and realm
, is also updated automatically on every call.
NOTE: This API cannot update REST API keys, which should be updated by either the update API key or bulk update API keys API.
To learn more about how to use this API, refer to the Update cross cluter API key API examples page.
Required authorization
- Cluster privileges:
manage_security
Body
Required
-
The access to be granted to this API key. The access is composed of permissions for cross cluster search and cross cluster replication. At least one of them must be specified. When specified, the new access assignment fully replaces the previously assigned access.
-
The expiration time for the API key. By default, API keys never expire. This property can be omitted to leave the value unchanged.
-
Arbitrary metadata that you want to associate with the API key. It supports nested data structure. Within the metadata object, keys beginning with
_
are reserved for system usage. When specified, this information fully replaces metadata previously associated with the API key.
PUT /_security/cross_cluster/api_key/VuaCfGcBCdbkQm-e5aOx
{
"access": {
"replication": [
{
"names": ["archive"]
}
]
},
"metadata": {
"application": "replication"
}
}
resp = client.security.update_cross_cluster_api_key(
id="VuaCfGcBCdbkQm-e5aOx",
access={
"replication": [
{
"names": [
"archive"
]
}
]
},
metadata={
"application": "replication"
},
)
const response = await client.security.updateCrossClusterApiKey({
id: "VuaCfGcBCdbkQm-e5aOx",
access: {
replication: [
{
names: ["archive"],
},
],
},
metadata: {
application: "replication",
},
});
response = client.security.update_cross_cluster_api_key(
id: "VuaCfGcBCdbkQm-e5aOx",
body: {
"access": {
"replication": [
{
"names": [
"archive"
]
}
]
},
"metadata": {
"application": "replication"
}
}
)
$resp = $client->security()->updateCrossClusterApiKey([
"id" => "VuaCfGcBCdbkQm-e5aOx",
"body" => [
"access" => [
"replication" => array(
[
"names" => array(
"archive",
),
],
),
],
"metadata" => [
"application" => "replication",
],
],
]);
curl -X PUT -H "Authorization: ApiKey $ELASTIC_API_KEY" -H "Content-Type: application/json" -d '{"access":{"replication":[{"names":["archive"]}]},"metadata":{"application":"replication"}}' "$ELASTICSEARCH_URL/_security/cross_cluster/api_key/VuaCfGcBCdbkQm-e5aOx"
client.security().updateCrossClusterApiKey(u -> u
.access(a -> a
.replication(r -> r
.names("archive")
)
)
.id("VuaCfGcBCdbkQm-e5aOx")
.metadata("application", JsonData.fromJson("\"replication\""))
);
{
"access": {
"replication": [
{
"names": ["archive"]
}
]
},
"metadata": {
"application": "replication"
}
}
{
"updated": true
}