Hello Ceph:)
We are wondering if it is possible to create some RadosGW
credentials/user with readonly (and allowed to list everything) on all
buckets. We are working on a backup strategy, and it would be nice if
there was a user that can list all buckets and read all object from all
users, with just one access-key/secret-key pair. Is that possible?
Ceph Squid does support the IAM API, but that just raises more questions
than it answers. Can we get this readonly access across all tenants, for
all users and buckets, globally? I would assume that tenants are now
somewhat isolated, so maybe this is not possible. The rules of this are
fairly unclear to me currently, especially because so far I've assumed
that bucket names are globally unique, which i am no longer sure of with
multitenancy.
Thank you,
Jacques Hoffmann
--
Jacques Hoffmann <jacques.hoffm...@vis.ethz.ch>
VIS - Verein der Informatikstudierenden an der ETH Zürich
CAB E 31, Universitätstr. 6, ETH Zentrum, CH-8092 Zürich
https://www.vis.ethz.ch
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io
