[ceph-users] two keys for one single uid

David Turner drakonstein at gmail.com
Thu Nov 23 05:04:37 PST 2017


I use subusers for RGW s3 soon Jewel. It's identical to a user create
command, but with the additional --subuser= and something like --access=.
I haven't been near a computer since you asked this question so I haven't
been able to give you the proper command. `radosgw-admin --help | less` and
then search for subuser with `/subuser` and you'll see all of the options.
There are also some examples in the ML archives.

On Thu, Nov 23, 2017, 7:22 AM Daniel Picolli Biazus <picollib at gmail.com>
wrote:

> Hey Abhishek!
>
> How can I create a subuser do S3 user ? Could You give me an example?
>
> Best Regards,
>
> 2017-11-23 9:55 GMT-02:00 Abhishek <abhishek at suse.com>:
>
>> On 2017-11-23 12:41, Daniel Picolli Biazus wrote:
>>
>>> Hey David,
>>>
>>
>> You can create multiple keys using key create command
>>
>> radosgw-admin key create --uid=somefoo --key-type=s3
>> --access-key=someaccess --secret=secretsecret
>>
>> for eg.
>>
>>
>>
>>> I thought subusers are used essentially to swift users ? Am I wrong ?
>>> Can I
>>> use it also to S3 ?
>>>
>>
>> Subusers can be used for s3 as well
>>
>> Best
>> Abhishek
>>
>>
>> Best Regards
>>>
>>> 2017-11-23 1:04 GMT-02:00 David Turner <drakonstein at gmail.com>:
>>>
>>> If you create a subuser of the uid, then the subuser can have its own
>>>> name
>>>> and key while being the same user. You can also limit a subuser to read,
>>>> write, read+write, or full permissions. Full is identical permissions
>>>> for
>>>> the subuser as the user. Full enables creating and deleting buckets.
>>>>
>>>> To list a subuser, you just do a user info on the user and it shows it.
>>>>
>>>> I think you might be able to have multiple keys for a user without
>>>> subusers, but I think subusers is a better method.
>>>>
>>>> On Wed, Nov 22, 2017, 6:26 PM Daniel Picolli Biazus <picollib at gmail.com
>>>> >
>>>> wrote:
>>>>
>>>> Hey Guys,
>>>>>
>>>>> Is it possible generating two keys in one single user/uid on rados S3 ?
>>>>>
>>>>> Something like that:
>>>>>
>>>>> radosgw-admin user info --uid=0001
>>>>> {
>>>>>     "user_id": "0001",
>>>>>     "display_name": "0001",
>>>>>     "email": "",
>>>>>     "suspended": 0,
>>>>>     "max_buckets": 10,
>>>>>     "auid": 0,
>>>>>     "subusers": [],
>>>>>     "keys": [
>>>>>         {
>>>>>             "user": "0001",
>>>>>             "access_key": "foo1",
>>>>>             "secret_key": "bar1"
>>>>>         },
>>>>>         {
>>>>>             "user": "0001",
>>>>>             "access_key": "foo2",
>>>>>             "secret_key": "bar2"
>>>>>         }
>>>>>     ],
>>>>>     "swift_keys": [],
>>>>>     "caps": [
>>>>>         {
>>>>>             "type": "usage",
>>>>>             "perm": "*"
>>>>>         },
>>>>>         {
>>>>>             "type": "users",
>>>>>             "perm": "read"
>>>>>         }
>>>>>     ],
>>>>>     "op_mask": "read, write, delete",
>>>>>     "default_placement": "",
>>>>>     "placement_tags": [],
>>>>>     "bucket_quota": {
>>>>>         "enabled": false,
>>>>>         "max_size_kb": -1,
>>>>>         "max_objects": -1
>>>>>     },
>>>>>     "user_quota": {
>>>>>         "enabled": true,
>>>>>         "max_size_kb": 1048576000000,
>>>>>         "max_objects": -1
>>>>>     },
>>>>>     "temp_url_keys": []
>>>>> }
>>>>>
>>>>>
>>>>> Best Regards,
>>>>> Biazus
>>>>> _______________________________________________
>>>>> ceph-users mailing list
>>>>> ceph-users at lists.ceph.com
>>>>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>>>>
>>>>>
>>>>
>>> _______________________________________________
>>> ceph-users mailing list
>>> ceph-users at lists.ceph.com
>>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ceph.com/pipermail/ceph-users-ceph.com/attachments/20171123/f16b5ac6/attachment.html>


More information about the ceph-users mailing list