I don't think it's well-integrated with the tooling, but check out the cephx docs for the "prefix" level of access. It lets you grant access only to objects whose name matches a prefix, which for rbd would be the rbd volume ID (or name? Something easy to identify).
-Greg
On Fri, Feb 2, 2018 at 7:42 AM <knawnd@xxxxxxxxx> wrote:
Hello!
I wonder if it's possible in ceph Luminous to manage user access to rbd images on per image (but not
the whole rbd pool) basis?
I need to provide rbd images for my users but would like to disable their ability to list all images
in a pool as well as to somehow access/use ones if a ceph admin didn't authorize that.
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
