On 01/08/2014 04:25 AM, Blair Nilsson wrote:
nope, doesn't work...I have an admin user... with the right caps. { "user_id": "admin2", "display_name": "Admin 2admin", "email": "", "suspended": 0, "max_buckets": 1000, "auid": 0, "subusers": [], "keys": [ { "user": "admin2", "access_key": "1DNQ2FK80XQZJMB14W1C", "secret_key": "BJDKNhMnCc4Cib+3QIdSGMR4yOE0YVJVS9HCuAmW"}, { "user": "admin2", "access_key": "KXH0BM1IQ9CP24IB9IP9", "secret_key": "wbtya+dX505X7zdfKKh926nbbRtBnLW8ghHAQo9j"}], "swift_keys": [], "caps": [ { "type": "buckets", "perm": "*"}, { "type": "usage", "perm": "*"}, { "type": "users", "perm": "*"}], "op_mask": "read, write, delete", "default_placement": "", "placement_tags": [], "bucket_quota": { "enabled": false, "max_size_kb": -1, "max_objects": -1}} but.... ./s3curl.pl <http://s3curl.pl/> --id=admin -- http://162.243.33.180/admin/user gives me {"Code":"AccessDenied"} however... I CAN use ./s3curl.pl <http://s3curl.pl/> --id=admin -- http://162.243.33.180/admin/bucket and it gives me. ["files.wyaeld.com <http://files.wyaeld.com/>","private.wyaeld.com <http://private.wyaeld.com/>"] which are the 2 buckets in the system. Any ideas on what is going on?
So what Ceph version do you use? Since I've been running into the same problem.
I could however query for a user, but a PUT request to create a user would always give me AccessDenied.
I'm running 0.67.5 Dumpling. Wido
On Fri, Dec 20, 2013 at 7:47 PM, JuanJose Galvez <[email protected] <mailto:[email protected]>> wrote: On 12/19/2013 2:02 PM, Blair Nilsson wrote:How do find or create a user that can use the admin operations for the object gateway? The manual says "Some operations require that the user holds special administrative capabilities." But I can't find if there is a pre setup user with these, or how to create one myself.You would need to create the user. As an example I just created the following on my cluster: radosgw-admin user create --uid=admin --display-name="JuanJose Galvez" --caps="usage=read, write; users=read, write; buckets=read, write;" You'll notice in the output that it has the following capabilities which normal users do not have: "caps": [ { "type": "buckets", "perm": "*"}, { "type": "usage", "perm": "*"}, { "type": "users", "perm": "*"}], I hope that helps. If you need more information on the API and what caps are needed for which functions that is found over here: http://ceph.com/docs/master/radosgw/adminops/_______________________________________________ ceph-users mailing list [email protected] <mailto:[email protected]> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com-- JuanJose "JJ" Galvez Professional Services Inktank Storage, Inc. LinkedIn:http://www.linkedin.com/in/jjgalvez _______________________________________________ ceph-users mailing list [email protected] <mailto:[email protected]> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com _______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
-- Wido den Hollander 42on B.V. Phone: +31 (0)20 700 9902 Skype: contact42on _______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
