Add more examples

Author: lcawl

specification/security/authenticate/examples/response/SecurityAuthenticateResponseExample1.yaml

@@ -21,4 +21,4 @@ value: |-
       "type" : "file"
     },
     "authentication_type": "realm"
-  }
+  }

specification/security/bulk_delete_role/examples/request/SecurityBulkDeleteRoleRequestExample1.yaml

@@ -0,0 +1,9 @@
+summary: Bulk delete example 1
+# method_request: DELETE /_security/role
+description: >
+  Run DELETE /_security/role` to delete `my_admin_role` and `my_user_role` roles.
+# type: request
+value: |-
+  {
+    "names": ["my_admin_role", "my_user_role"]
+  }

specification/security/bulk_delete_role/examples/response/SecurityBulkDeleteRoleResponseExample1.yaml

@@ -0,0 +1,11 @@
+summary: A successful response
+description: A successful response from `DELETE /_security/role`.
+# type: response
+# response_code:
+value: |-
+  {
+    "deleted": [
+        "my_admin_role",
+        "my_user_role"
+    ]
+  }

specification/security/bulk_delete_role/examples/response/SecurityBulkDeleteRoleResponseExample2.yaml

@@ -0,0 +1,15 @@
+summary: A response with not_found roles
+description: >
+  A partially successful response from `DELETE /_security/role`.
+  If a role cannot be found, it appears in the `not_found` list in the response.
+# type: response
+# response_code:
+value: |-
+  {
+    "deleted": [
+        "my_admin_role"
+    ],
+    "not_found": [
+        "not_an_existing_role"
+    ]
+  }

specification/security/bulk_delete_role/examples/response/SecurityBulkDeleteRoleResponseExample3.yaml

@@ -0,0 +1,21 @@
+summary: A response with errors
+description: >
+  A partially successful response from `DELETE /_security/role`.
+  If part of a request fails or is invalid, the response includes `errors`.
+# type: response
+# response_code:
+value: |-
+  {
+    "deleted": [
+        "my_admin_role"
+    ],
+    "errors": {
+        "count": 1,
+        "details": {
+            "superuser": {
+                "type": "illegal_argument_exception",
+                "reason": "role [superuser] is reserved and cannot be deleted"
+            }
+        }
+    }
+  }

specification/security/bulk_put_role/examples/request/SecurityBulkPutRoleRequestExample1.yaml

@@ -0,0 +1,91 @@
+summary: Bulk role success
+# method_request: POST /_security/role
+description: >
+  Run `POST /_security/role` to add roles called `my_admin_role` and `my_user_role`.
+# type: request
+value: |-
+  {
+    "roles": {
+        "my_admin_role": {
+            "cluster": [
+                "all"
+            ],
+            "indices": [
+                {
+                    "names": [
+                        "index1",
+                        "index2"
+                    ],
+                    "privileges": [
+                        "all"
+                    ],
+                    "field_security": {
+                        "grant": [
+                            "title",
+                            "body"
+                        ]
+                    },
+                    "query": "{\"match\": {\"title\": \"foo\"}}"
+                }
+            ],
+            "applications": [
+                {
+                    "application": "myapp",
+                    "privileges": [
+                        "admin",
+                        "read"
+                    ],
+                    "resources": [
+                        "*"
+                    ]
+                }
+            ],
+            "run_as": [
+                "other_user"
+            ],
+            "metadata": {
+                "version": 1
+            }
+        },
+        "my_user_role": {
+            "cluster": [
+                "all"
+            ],
+            "indices": [
+                {
+                    "names": [
+                        "index1"
+                    ],
+                    "privileges": [
+                        "read"
+                    ],
+                    "field_security": {
+                        "grant": [
+                            "title",
+                            "body"
+                        ]
+                    },
+                    "query": "{\"match\": {\"title\": \"foo\"}}"
+                }
+            ],
+            "applications": [
+                {
+                    "application": "myapp",
+                    "privileges": [
+                        "admin",
+                        "read"
+                    ],
+                    "resources": [
+                        "*"
+                    ]
+                }
+            ],
+            "run_as": [
+                "other_user"
+            ],
+            "metadata": {
+                "version": 1
+            }
+        }
+    }
+  }

specification/security/bulk_put_role/examples/request/SecurityBulkPutRoleRequestExample2.yaml

@@ -0,0 +1,90 @@
+summary: Bulk role errors
+# method_request: POST /_security/role
+description: >
+  Because errors are handled individually for each role create or update, the API allows partial success.
+  For example, `POST /_security/role` would throw an error for `my_admin_role` because the privilege `bad_cluster_privilege` doesn't exist, but would be successful for the `my_user_role`.
+# type: request
+value: |-
+  {
+    "roles": {
+        "my_admin_role": {
+            "cluster": [
+                "bad_cluster_privilege"
+            ],
+            "indices": [
+                {
+                    "names": [
+                        "index1",
+                        "index2"
+                    ],
+                    "privileges": ["all"],
+                    "field_security": {
+                        "grant": [
+                            "title",
+                            "body"
+                        ]
+                    },
+                    "query": "{\"match\": {\"title\": \"foo\"}}"
+                }
+            ],
+            "applications": [
+                {
+                    "application": "myapp",
+                    "privileges": [
+                        "admin",
+                        "read"
+                    ],
+                    "resources": [
+                        "*"
+                    ]
+                }
+            ],
+            "run_as": [
+                "other_user"
+            ],
+            "metadata": {
+                "version": 1
+            }
+        },
+        "my_user_role": {
+            "cluster": [
+                "all"
+            ],
+            "indices": [
+                {
+                    "names": [
+                        "index1"
+                    ],
+                    "privileges": [
+                        "read"
+                    ],
+                    "field_security": {
+                        "grant": [
+                            "title",
+                            "body"
+                        ]
+                    },
+                    "query": "{\"match\": {\"title\": \"foo\"}}"
+                }
+            ],
+            "applications": [
+                {
+                    "application": "myapp",
+                    "privileges": [
+                        "admin",
+                        "read"
+                    ],
+                    "resources": [
+                        "*"
+                    ]
+                }
+            ],
+            "run_as": [
+                "other_user"
+            ],
+            "metadata": {
+                "version": 1
+            }
+        }
+    }
+  }

specification/security/bulk_put_role/examples/request/SecurityBulkPutRoleRequestExample3.yaml

@@ -0,0 +1,20 @@
+summary: Role example 3
+# method_request: POST /_security/role/only_remote_access_role
+description: Run `POST /_security/role/only_remote_access_role` to configure a role with remote indices and remote cluster privileges for a remote cluster.
+# type: request
+value: |-
+  {
+    "remote_indices": [
+      {
+        "clusters": ["my_remote"], 
+        "names": ["logs*"], 
+        "privileges": ["read", "read_cross_cluster", "view_index_metadata"] 
+      }
+    ],
+    "remote_cluster": [
+      {
+        "clusters": ["my_remote"], 
+        "privileges": ["monitor_stats"]  
+      }
+    ]
+  }

specification/security/bulk_put_role/examples/response/SecurityBulkPutRoleResponseExample1.yaml

@@ -0,0 +1,12 @@
+summary: A successful response
+description: >
+  A successful response from `POST /_security/role/my_admin_role` returns a JSON structure that shows whether the role has been created, updated, or had no changes made.
+# type: response
+# response_code:
+value: |-
+  {
+      "created": [ 
+          "my_admin_role", 
+          "my_user_role"
+      ]
+  }

specification/security/bulk_put_role/examples/response/SecurityBulkPutRoleResponseExample2.yaml

@@ -0,0 +1,22 @@
+summary: A partially successful response
+description: >
+  A partially successful response from `POST /_security/role`.
+  Errors are handled individually for each role create or update, thus the API allows partial success.
+  In this example, the creation of the `my_user_role` role succeeds and the `my_admin_role` role fails.
+# type: response
+# response_code:
+value: |-
+  {
+    "created": [
+        "my_user_role" 
+    ],
+    "errors": { 
+        "count": 1, 
+        "details": {
+            "my_admin_role": { 
+                "type": "action_request_validation_exception",
+                "reason": "Validation Failed: 1: unknown cluster privilege [bad_cluster_privilege]. a privilege must be either one of the predefined cluster privilege names [manage_own_api_key,manage_data_stream_global_retention,monitor_data_stream_global_retention,none,cancel_task,cross_cluster_replication,cross_cluster_search,delegate_pki,grant_api_key,manage_autoscaling,manage_index_templates,manage_logstash_pipelines,manage_oidc,manage_saml,manage_search_application,manage_search_query_rules,manage_search_synonyms,manage_service_account,manage_token,manage_user_profile,monitor_connector,monitor_enrich,monitor_inference,monitor_ml,monitor_rollup,monitor_snapshot,monitor_stats,monitor_text_structure,monitor_watcher,post_behavioral_analytics_event,read_ccr,read_connector_secrets,read_fleet_secrets,read_ilm,read_pipeline,read_security,read_slm,transport_client,write_connector_secrets,write_fleet_secrets,create_snapshot,manage_behavioral_analytics,manage_ccr,manage_connector,manage_enrich,manage_ilm,manage_inference,manage_ml,manage_rollup,manage_slm,manage_watcher,monitor_data_frame_transforms,monitor_transform,manage_api_key,manage_ingest_pipelines,manage_pipeline,manage_data_frame_transforms,manage_transform,manage_security,monitor,manage,all] or a pattern over one of the available cluster actions;"
+            }
+        }
+    }
+  }