Depending on the tenant type that you specify when calling the REST API method, the following actions can be performed:
Policies for enabling and disabling protection are applied only if Kaspersky Security for Virtualization 5.1 Light Agent is installed in the tenant virtual infrastructure. For more information refer to Kaspersky Security for Virtualization 5.1 Light Agent Help.
Method:
POST /api/2.0/virtualization/tenants
The following parameters must be specified in the request body:
<tenant>
<name>{name}</name>
<description>{description}</description>
<userData><![CDATA[{additional information}]]></userData>
<preferredViisAddress>{IP address}</preferredViisAddress>
<type>{tenant type}</type>
<!-- Data in the vKsc section can be specified only for a complete tenant type -->
<vKsc>
<user>
<name>{administrator name}</name>
<password>{administrator password}</password>
</user>
</vKsc>
</tenant>
where:
{name} – tenant name (required parameter).{description} – tenant description (optional parameter).{additional information} – additional information about the tenant (optional parameter).{IP address} – IP address of the Integration Server to which the Light Agents installed on the tenant virtual machines will connect (optional parameter). The specified address is used by default when creating the Light Agent policy. If the parameter is not specified, the policy uses the Integration Server IP address from the request to REST API.{tenant type} – type of tenant: Complete or Simple (optional parameter).{administrator name} – name of the administrator account used to connect to the tenant virtual Administration Server (required when creating a complete tenant type). The account will be created automatically during the procedure.{administrator password} – password for the administrator account encoded by the Base64 method (required when creating a complete tenant type).The request is executed asynchronously, REST API returns identifier of the CreateTenant task. Using the task, you can monitor the progress of the tenant creation procedure. When the task execution completes, the result field displays information about the tenant including the created tenant identifier, or an error message. In case of an error at any step of the procedure, all the changes are rolled back.
Return codes:
202 (Accepted) – the request is accepted for execution. The response returns the identifier of the CreateTenant task.400 (Bad request) VIRMT_MandatoryParameterIsNotSpecified – one of the required parameters is not specified in the request body, for example, the tenant name.400 (Bad request) VIRMT_InvalidTenantType – invalid tenant type is specified in the request body, the specified tenant type does not exist.400 (Bad request) VIRMT_VKscCredentialsNotSpecified – name or password of the administrator account of Kaspersky Security Center virtual Administration Server is not specified (when creating a complete tenant type). 400 (Bad request) VIRMT_InvalidViisAddressFormat – invalid format of the Integration Server IP address.403 (Forbidden) – access to the resource is denied.Possible error codes in the task:
KSC_ServiceNotConfigured – Kaspersky Security Center connection settings are not specified.VIRMT_TenantGroupAlreadyExists – the folder with the name corresponding to the specified tenant name already exists in Kaspersky Security Center.VIRMT_TenantWithSpecifiedNameAlreadyExists – the tenant with the specified name already exists in the Integration Server database.VIRMT_PasswordNotComplyPolicy – failed to create an administrator account for Kaspersky Security Center virtual Administration Server: the specified password does not meet Kaspersky Security Center password requirements.VIRMT_UserWithSpecifiedNameAlreadyExists – failed to create an administrator account for Kaspersky Security Center virtual Administration Server: a user with the specified name already exists in Kaspersky Security Center.