Limiting access to a tenant for higher-level administrators


This procedure is not applicable to unit tenants.

  1. Authenticate to the cloud platform via the Python shell.

    The following variables should be available now:

    >>> base_url  # the base URL of the API
    >>> auth  # the 'Authorization' header value with the access token
    {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'}
    >>> tenant_id  # the UUID of the tenant to which the token provides access
  2. Assign either of the following values to the tenant_id variable – the UUID of a sub-tenant created via the API or a sub-tenant found by its name:

    >>> tenant_id = created_tenant_id
    >>> tenant_id
  3. Obtain the number of the latest tenant revision. You will have to specify this number in a subsequent request to the tenant. This is required to manage concurrent tenant modifications.

    1. Fetch the tenant information as described in steps 3-5 of “Fetching information about an individual tenant”. As the result, you should have a tenant variable with the tenant object.

    2. Define a variable named tenant_version, and then assign the value of the version key from the tenant object to this variable:

      >>> tenant_version = tenant['version']
      >>> tenant_version
  4. Define a variable named tenant_update, and then assign the following object to this variable:

    >>> tenant_update = {
    ...     'ancestral_access': False,
    ...     'version': tenant_version,  # this key is required
    ... }
  5. Convert the tenant_update object to a JSON text:

    >>> tenant_update = json.dumps(tenant_update, indent=4)
    >>> print(tenant_update)
        "ancestral_access": false,
        "version": 3
  6. Send a PUT request with the JSON text to the /tenants/{tenant_id} endpoint:

    >>> response = requests.put(
    ...     f'{base_url}/tenants/{tenant_id}',
    ...     headers={'Content-Type': 'application/json', **auth},
    ...     data=tenant_update,
    ... )
  7. Check the status code of the response:

    >>> response.status_code

    Status code 200 means that the platform has limited access to the tenant for higher-level administrators. These administrators can only modify the tenant properties. They do not have access to the user accounts and child tenants at all.

    A different status code means that an error has occurred. For the details, refer to “Status and error codes”.