stack es security query-api-keys cli command

Auth required Idempotent Scope: global

elastic stack es security query-api-keys [options]

Find API keys with a query.

Options

--[no-]with-limited-by

Return the snapshot of the owner user's role descriptors associated with the API key. An API key's actual permission is the intersection of its assigned role descriptors and the owner user's role descriptors (effectively limited by it). An API key cannot retrieve any API key’s limited-by role descriptors (including itself) unless it has manage_api_key or higher privileges.

--[no-]with-profile-uid

Determines whether to also retrieve the profile UID for the API key owner principal. If it exists, the profile UID is returned under the profile_uid response field for each API key.

--[no-]typed-keys

Determines whether aggregation names are prefixed by their respective types in the response.

--aggregations string

Any aggregations to run over the corpus of returned API keys. Aggregations and queries work together. Aggregations are computed only on the API keys that match the query. This supports only a subset of aggregation types, namely: terms, range, date_range, missing, cardinality, value_count, composite, filter, and filters. Additionally, aggregations only run over the same subset of fields that query works with.

--aggs string

--query string

A query to filter which API keys to return. If the query parameter is missing, it is equivalent to a match_all query. The query supports a subset of query types, including match_all, bool, term, terms, match, ids, prefix, wildcard, exists, range, and simple_query_string. You can query the following public information associated with an API key: id, type, name, creation, expiration, invalidated, invalidation, username, realm, and metadata. NOTE: The queryable string values associated with API keys are internally mapped as keywords. Consequently, if no analyzer parameter is specified for a match query, then the provided match query string is interpreted as a single keyword value. Such a match query is hence equivalent to a term query.

--from number

The starting document offset. It must not be negative. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.

--sort string

The sort definition. Other than id, all public fields of an API key are eligible for sorting. In addition, sort can also be applied to the _doc field to sort by index order.

Repeatable: pass --sort multiple times to supply more than one value

--size number

The number of hits to return. It must not be negative. The size parameter can be set to 0, in which case no API key matches are returned, only the aggregation results. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.

--search-after string[]

The search after definition.

stack Options

--input-file string: path to a JSON file to use as command input

Global Options

-V --[no-]version: Print the Elastic CLI version
--config-file string: path to a config file (default: ~/.elasticrc.yml)
--use-context string: override the active context from the config file
--command-profile string: restrict available commands to a deployment profile (serverless, stack, default)
--[no-]json: output as JSON
--output-fields string: comma-separated list of fields to include in output (dot-notation supported)
--output-template string: Mustache-like template for custom text output (e.g. "{{id}}: {{name}}")
--[no-]dry-run: validate all inputs and exit without performing any action (preview changes without applying them)