Hi.
We have ceph cluster with a lot of users who use S3 and RBD protocols.
Now we need to give access to one use group with OpenStack, so they run
RGW on their side, but we have to set "ceph caps" for this RGW. In the
documentation for OpenStack is following
ceph auth get-or-create client.radosgw osd 'allow rwx' mon 'allow rwx'
-o /etc/ceph/ceph.client.radosgw.keyring
which means full permission. Can we limit the permission somehow so RGW
from OpenStack cannot reach the data of other users? Would it be enough
if RGW has only some swift account?
I would appreciate any advice.
Best regards,
Michal Strnad
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io
