On Wed, Sep 06, 2017 at 02:08:14PM +0000, Engelmann Florian wrote:
> we are running a luminous cluster and three radosgw to serve a s3 compatible objectstore. As we are (currently) not using Openstack we have to use the RadosGW Admin API to get our billing data. I tried to access the API with pathon like:
>
> [...]
> import rgwadmin
> [...]
> Users = radosgw.get_users()
> [...]
>
> But I get a 403 "AccessDenied" using python 2.7.13.
>
> What's the easiest method to access the Admin API from a remote host?
You can have a look at why it's generating the 403, if you increase the
debug level of rgw & civetweb.
The user associated with the access key & secret key tuple you're using
DOES need to have user capabilities for reading users.
$ sudo radosgw-admin metadata get user:MYADMINUSER-REDACTED
{
"key": "user:MYADMINUSER-REDACTED",
...
"data": {
"user_id": "MYADMINUSER-REDACTED",
"display_name": "MYADMINUSER-REDACTED",
...,
"caps": [
{
"type": "buckets",
"perm": "read"
},
{
"type": "usage",
"perm": "read"
},
{
"type": "users",
"perm": "*"
}
],
"system": "true",
...,
--
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Asst. Treasurer
E-Mail : robbat2@xxxxxxxxxx
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
