Creating a tenant
January 25, 2024
ID 259250
Depending on the tenant type that you specify when calling the REST API method, the following actions can be performed:
- For a complete tenant:
- Add tenant data to the Integration Server database.
- Create the tenant protection infrastructure in Kaspersky Security Center (virtual Administration Server, account for connecting to it, structure of folders and administration groups).
- Add information about the tenant's virtual Administration Server to the Integration Server database.
- For a simple tenant: add the tenant data to the Integration Server database.
Method:
POST /api/2.0/virtualization/tenants
The following parameters must be specified in the request body:
<tenant>
<name>{name}</name>
<description>{description}</description>
<userData><![CDATA[{additional information}]]></userData>
<preferredViisAddress>{IP address}</preferredViisAddress>
<type>{tenant type}</type>
<!-- Data in the vKsc section is specified only for a complete tenant -->
<vKsc>
<user>
<name>{administrator name}</name>
<password>{administrator password}</password>
</user>
</vKsc>
</tenant>
where:
{name}– tenant name (required parameter).{description}– tenant description (optional parameter).{additional information}– additional tenant information (optional parameter).{IP address}– IP address of the Integration Server to which the Light Agents installed on tenant virtual machines will connect (optional parameter). The specified address is used by default when creating the Light Agent policy. If the parameter is not specified, the policy uses the Integration Server IP address from the request to REST API.{tenant type}– type of tenant:CompleteorSimple(optional parameter).{administrator name}– name of the administrator account used to connect to the tenant's virtual Administration Server (required when creating a complete tenant). The account will be created automatically during the procedure.{administrator password}– Base64-encoded password for the administrator account (required when creating a complete tenant).
The request is executed asynchronously, REST API returns identifier of the CreateTenant task. Using the task, you can monitor the progress of the tenant creation procedure. When the task completes, the result field displays information about the tenant including the identifier of the created tenant, or an error message. In case of an error at any step of the procedure, all the changes are rolled back.
Return codes:
202 (Accepted)– the request is accepted for execution. The response returns the identifier of the CreateTenant task.400 (Bad request) VIRMT_MandatoryParameterIsNotSpecified– one of the required parameters, for example, the tenant name, is not specified in the request body.400 (Bad request) VIRMT_InvalidTenantType– an invalid tenant type is specified in the request body; the specified tenant type does not exist.400 (Bad request) VIRMT_VKscCredentialsNotSpecified– the name or password of the administrator account of the virtual Kaspersky Security Center Administration Server is not specified (when creating a complete tenant).400 (Bad request) VIRMT_InvalidViisAddressFormat– invalid format of the Integration Server IP address.403 (Forbidden)– access to the resource is denied.
Possible error codes in the task:
KSC_ServiceNotConfigured– Kaspersky Security Center connection settings are not specified.VIRMT_TenantGroupAlreadyExists– a folder whose name corresponds to the specified tenant name already exists in Kaspersky Security Center.VIRMT_TenantWithSpecifiedNameAlreadyExists– a tenant with the specified name already exists in the Integration Server database.VIRMT_PasswordNotComplyPolicy– failed to create an administrator account for Kaspersky Security Center virtual Administration Server: the specified password does not meet Kaspersky Security Center password requirements.VIRMT_UserWithSpecifiedNameAlreadyExists– failed to create an administrator account for Kaspersky Security Center virtual Administration Server: a user with the specified name already exists in Kaspersky Security Center.
