Hi,
I replied to your thread a couple of days ago, maybe you didn't notice:
Restricting user access is possible on rbd image level. You can grant
read/write access for one client and only read access for other
clients, you have to create different clients for that, see [1] for
more details.
Regards,
Eugen
[1]
http://lists.ceph.com/pipermail/ceph-users-ceph.com/2018-February/024424.html
Zitat von cmonty14 <74cmonty@xxxxxxxxx>:
Hi,
I can create a block device user with this command:
ceph auth get-or-create client.{ID} mon 'profile rbd' osd 'profile
{profile name} [pool={pool-name}][, profile ...]'
Question:
How can I create a user that has access only to a specific image
created in pool <poolname>?
If this is not possible this would mean that any user with pool access
can map any image created in this pool.
In my opinion this is a security concern.
THX
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
