HCP Tenant Management Help


Tenant-level group account resources

Tenant-level group account resources let you create, retrieve information about, modify, and delete tenant-level group accounts. The table below provides information about these resources.

Group account resources are not available for the default tenant.

Data type

Method

Use

Access

Notes

.../tenants/tenant-name/groupAccounts

groupAccount

PUT

Create a group account for a tenant

Tenant-level user account with the security role

You can create a group account only if HCP is configured to support AD.

List

GET

Retrieve a list of the group accounts defined for a tenant

Tenant-level user account with the monitor, administrator, or security role

The listed group accounts are identified by the group name.

In XML, the element that identifies each group account is groupname. The root element for the list of group accounts is groupAccounts.

In JSON, the name in the name/value pair that lists the group accounts is groupname.

.../tenants/tenant-name/groupAccounts/group-name

groupAccount

GET

Retrieve information about a group account

Tenant-level user account with the monitor, administrator, or security role

The information returned depends on the roles associated with the user making the request.

N/A

HEAD

Check for the existence of a group account

Tenant-level user account with the monitor, administrator, or security role

 

groupAccount

POST

Modify a group account

Tenant-level user account with the administrator or security role

A user with only the administrator role can modify only the allow-NamespaceManagement property. A user with only the security role cannot modify that property.

N/A

DELETE

Delete a group account

Tenant-level user account with the security role

 

.../tenants/tenant-name/groupAccounts/group-name/dataAccessPermissions

dataAccess
Permissions

GET

Retrieve information about the data access permissions associated with a group account

Tenant-level user account with the administrator, security, or monitor role

 

POST

Modify the data access permissions associated with a group account

Tenant-level user account with the administrator role

The request body must contain all permissions granted for each included namespace. If a namespace is not included, its permissions are not changed by the POST request.

By default, when you create a group account, it does not include any data access permissions.

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.