On Wed, Sep 06, 2017 at 02:08:14PM +0000, Engelmann Florian wrote: > we are running a luminous cluster and three radosgw to serve a s3 compatible > objectstore. As we are (currently) not using Openstack we have to use the > RadosGW Admin API to get our billing data. I tried to access the API with > pathon like: > > [...] > import rgwadmin > [...] > Users = radosgw.get_users() > [...] > > But I get a 403 "AccessDenied" using python 2.7.13. > > What's the easiest method to access the Admin API from a remote host? You can have a look at why it's generating the 403, if you increase the debug level of rgw & civetweb.
The user associated with the access key & secret key tuple you're using
DOES need to have user capabilities for reading users.
$ sudo radosgw-admin metadata get user:MYADMINUSER-REDACTED
{
"key": "user:MYADMINUSER-REDACTED",
...
"data": {
"user_id": "MYADMINUSER-REDACTED",
"display_name": "MYADMINUSER-REDACTED",
...,
"caps": [
{
"type": "buckets",
"perm": "read"
},
{
"type": "usage",
"perm": "read"
},
{
"type": "users",
"perm": "*"
}
],
"system": "true",
...,
--
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Asst. Treasurer
E-Mail : [email protected]
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136
signature.asc
Description: Digital signature
_______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
