Group account resources let you create, retrieve information about, modify, and delete group accounts. The table below provides information about these resources.
Data type |
Method |
Use |
Access |
Notes |
---|---|---|---|---|
groupAccount |
Create a group account for a tenant |
Tenant-level user account with the security role |
You can create a group account only if HCP is configured to support AD. |
|
List |
Retrieve a list of the group accounts defined for a tenant |
Tenant-level user account with the monitor, administrator, or security role |
The listed group accounts are identified by the group name. In XML, each listed group account is the value of an element named groupname. In JSON, the name in the name/value pair that lists the group accounts is groupname. |
|
N/A |
Add the security role to an existing group account or create a new group account with the security role |
System-level user account with the administrator role |
For information on the required query parameter for resetting the security group, see Query parameter for resetting the security group. |
|
groupAccount |
Retrieve information about a group account |
Tenant-level user account with the monitor, administrator, or security role |
The information returned depends on the roles associated with the user making the request. |
|
N/A |
Check for the existence of a group account |
Tenant-level user account with the monitor, administrator, or security role |
|
|
groupAccount |
Modify a group account |
Tenant-level user account with the administrator or security role |
A user with only the administrator role can modify only the allow-NamespaceManagement property. A user with only the security role cannot modify that property. |
|
N/A |
Delete a group account |
Tenant-level user account with the security role |
|
|
.../tenants/tenant-name/groupAccounts/group-name/dataAccessPermissions |
||||
dataAccess |
Retrieve information about the data access permissions associated with a group account |
Tenant-level user account with the administrator, security, or monitor role |
|
|
Modify the data access permissions associated with a group account |
Tenant-level user account with the administrator role |
The request body must contain all permissions granted for each included namespace. If a namespace is not included, its permissions are not changed by the POST request. By default, when you create a group account, it does not include any data access permissions. |
© 2016 Hitachi Data Systems Corporation. All rights reserved.