On Fri, Dec 2, 2016 at 3:18 AM, Yang Joseph <joseph.yang@xxxxxxxxxxxx> wrote: > Hello, > > I would like only to allow the user to read the object in a already existed > bucket, and not allow users > to create new bucket. It supposed to execute the following command: > > $ radosgw-admin metadata put user:test3 < ... > ... > "caps": [ > { > "type": "buckets", > "perm": "read" > } > > But why user test3 can still create new bucket after I have set its caps to > "buckets=read"? > Because this cap is unrelated. iirc starting at jewel you can do: $ radosgw-admin user modify --uid=test3 --max-buckets=-1 Yehuda _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com