User capabilities in CephObjectStoreUser - OpenShift Data Foundation 4.15 Developer preview

Resolution

Administrator-like capabilities are provided for Ceph RADOS Gateway (RGW) users with the help of user capabilities. In OpenShift Data Foundation, you can set these capabilities with the help of CephObjectStore CRD so that the end users can send requests to the RGW server using the libraries like go-ceph similar to radosgw-admin commands.

An example of cephobjectstoreuser.yaml:

apiVersion: ceph.rook.io/v1
kind: CephObjectStoreUser
metadata:
  name: myUser
  namespace: openshift-storage
spec:
  store: my-store
  displayName: my display name
  capabilities:
    user: “*”
    bucket: “*”

To create the user, use the following command in the command-line interface:

oc create -f cephobjectstoreuser.yaml

OpenShift Data Foundation supports only capabilities like users, buckets, and roles. However, Red Hat Ceph Storage supports more capabilities.

For more information, see

• Ceph Object Gateway administrative API
• Add and remove admin capabilities

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.