Re: [ceph-users] admin user for the object gateway?

Tue, 07 Jan 2014 19:26:06 -0800 

nope, doesn't work...

I have an admin user... with the right caps.



{ "user_id": "admin2",
  "display_name": "Admin 2admin",
  "email": "",
  "suspended": 0,
  "max_buckets": 1000,
  "auid": 0,
  "subusers": [],
  "keys": [
        { "user": "admin2",
          "access_key": "1DNQ2FK80XQZJMB14W1C",
          "secret_key": "BJDKNhMnCc4Cib+3QIdSGMR4yOE0YVJVS9HCuAmW"},
        { "user": "admin2",
          "access_key": "KXH0BM1IQ9CP24IB9IP9",
          "secret_key": "wbtya+dX505X7zdfKKh926nbbRtBnLW8ghHAQo9j"}],
  "swift_keys": [],
  "caps": [
        { "type": "buckets",
          "perm": "*"},
        { "type": "usage",
          "perm": "*"},
        { "type": "users",
          "perm": "*"}],
  "op_mask": "read, write, delete",
  "default_placement": "",
  "placement_tags": [],
  "bucket_quota": { "enabled": false,
      "max_size_kb": -1,
      "max_objects": -1}}

but....

./s3curl.pl --id=admin -- http://162.243.33.180/admin/user

gives me

{"Code":"AccessDenied"}

however... I CAN use

./s3curl.pl --id=admin -- http://162.243.33.180/admin/bucket

and it gives me.

["files.wyaeld.com","private.wyaeld.com"]

which are the 2 buckets in the system.

Any ideas on what is going on?


On Fri, Dec 20, 2013 at 7:47 PM, JuanJose Galvez <
juanjose.gal...@inktank.com> wrote:

>  On 12/19/2013 2:02 PM, Blair Nilsson wrote:
>
>  How do find or create a user that can use the admin operations for the
> object gateway?
>
>  The manual says "Some operations require that the user holds special
> administrative capabilities."
>
>  But I can't find if there is a pre setup user with these, or how to
> create one myself.
>
> You would need to create the user. As an example I just created the
> following on my cluster:
>
> radosgw-admin user create --uid=admin --display-name="JuanJose Galvez"
> --caps="usage=read, write; users=read, write; buckets=read, write;"
>
> You'll notice in the output that it has the following capabilities which
> normal users do not have:
>
>   "caps": [
>         { "type": "buckets",
>           "perm": "*"},
>         { "type": "usage",
>           "perm": "*"},
>         { "type": "users",
>           "perm": "*"}],
>
> I hope that helps. If you need more information on the API and what caps
> are needed for which functions that is found over here:
> http://ceph.com/docs/master/radosgw/adminops/
>
>
>
>
>
>
> _______________________________________________
> ceph-users mailing 
> listceph-us...@lists.ceph.comhttp://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
>
>
> --
> JuanJose "JJ" Galvez
> Professional Services
> Inktank Storage, Inc.
> LinkedIn: http://www.linkedin.com/in/jjgalvez
>
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
>

_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

Reply via email to