[ceph-users] two keys for one single uid

Daniel Picolli Biazus picollib at gmail.com
Thu Nov 23 08:08:18 PST 2017


Thank You Guys,

The right command is:

radosgw-admin subuser create --uid=0001 --subuser=0001-read  --access=read
--key-type=s3 --gen-access-key --gen-secret


Best Regards

2017-11-23 11:04 GMT-02:00 David Turner <drakonstein at gmail.com>:

> I use subusers for RGW s3 soon Jewel. It's identical to a user create
> command, but with the additional --subuser= and something like --access=.
> I haven't been near a computer since you asked this question so I haven't
> been able to give you the proper command. `radosgw-admin --help | less` and
> then search for subuser with `/subuser` and you'll see all of the options.
> There are also some examples in the ML archives.
>
> On Thu, Nov 23, 2017, 7:22 AM Daniel Picolli Biazus <picollib at gmail.com>
> wrote:
>
>> Hey Abhishek!
>>
>> How can I create a subuser do S3 user ? Could You give me an example?
>>
>> Best Regards,
>>
>> 2017-11-23 9:55 GMT-02:00 Abhishek <abhishek at suse.com>:
>>
>>> On 2017-11-23 12:41, Daniel Picolli Biazus wrote:
>>>
>>>> Hey David,
>>>>
>>>
>>> You can create multiple keys using key create command
>>>
>>> radosgw-admin key create --uid=somefoo --key-type=s3
>>> --access-key=someaccess --secret=secretsecret
>>>
>>> for eg.
>>>
>>>
>>>
>>>> I thought subusers are used essentially to swift users ? Am I wrong ?
>>>> Can I
>>>> use it also to S3 ?
>>>>
>>>
>>> Subusers can be used for s3 as well
>>>
>>> Best
>>> Abhishek
>>>
>>>
>>> Best Regards
>>>>
>>>> 2017-11-23 1:04 GMT-02:00 David Turner <drakonstein at gmail.com>:
>>>>
>>>> If you create a subuser of the uid, then the subuser can have its own
>>>>> name
>>>>> and key while being the same user. You can also limit a subuser to
>>>>> read,
>>>>> write, read+write, or full permissions. Full is identical permissions
>>>>> for
>>>>> the subuser as the user. Full enables creating and deleting buckets.
>>>>>
>>>>> To list a subuser, you just do a user info on the user and it shows it.
>>>>>
>>>>> I think you might be able to have multiple keys for a user without
>>>>> subusers, but I think subusers is a better method.
>>>>>
>>>>> On Wed, Nov 22, 2017, 6:26 PM Daniel Picolli Biazus <
>>>>> picollib at gmail.com>
>>>>> wrote:
>>>>>
>>>>> Hey Guys,
>>>>>>
>>>>>> Is it possible generating two keys in one single user/uid on rados S3
>>>>>> ?
>>>>>>
>>>>>> Something like that:
>>>>>>
>>>>>> radosgw-admin user info --uid=0001
>>>>>> {
>>>>>>     "user_id": "0001",
>>>>>>     "display_name": "0001",
>>>>>>     "email": "",
>>>>>>     "suspended": 0,
>>>>>>     "max_buckets": 10,
>>>>>>     "auid": 0,
>>>>>>     "subusers": [],
>>>>>>     "keys": [
>>>>>>         {
>>>>>>             "user": "0001",
>>>>>>             "access_key": "foo1",
>>>>>>             "secret_key": "bar1"
>>>>>>         },
>>>>>>         {
>>>>>>             "user": "0001",
>>>>>>             "access_key": "foo2",
>>>>>>             "secret_key": "bar2"
>>>>>>         }
>>>>>>     ],
>>>>>>     "swift_keys": [],
>>>>>>     "caps": [
>>>>>>         {
>>>>>>             "type": "usage",
>>>>>>             "perm": "*"
>>>>>>         },
>>>>>>         {
>>>>>>             "type": "users",
>>>>>>             "perm": "read"
>>>>>>         }
>>>>>>     ],
>>>>>>     "op_mask": "read, write, delete",
>>>>>>     "default_placement": "",
>>>>>>     "placement_tags": [],
>>>>>>     "bucket_quota": {
>>>>>>         "enabled": false,
>>>>>>         "max_size_kb": -1,
>>>>>>         "max_objects": -1
>>>>>>     },
>>>>>>     "user_quota": {
>>>>>>         "enabled": true,
>>>>>>         "max_size_kb": 1048576000000,
>>>>>>         "max_objects": -1
>>>>>>     },
>>>>>>     "temp_url_keys": []
>>>>>> }
>>>>>>
>>>>>>
>>>>>> Best Regards,
>>>>>> Biazus
>>>>>> _______________________________________________
>>>>>> ceph-users mailing list
>>>>>> ceph-users at lists.ceph.com
>>>>>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>>>>>
>>>>>>
>>>>>
>>>> _______________________________________________
>>>> ceph-users mailing list
>>>> ceph-users at lists.ceph.com
>>>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>>>
>>>
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ceph.com/pipermail/ceph-users-ceph.com/attachments/20171123/5f68a9fe/attachment.html>


More information about the ceph-users mailing list