Hi Myxingkong,
http://docs.ceph.com/docs/nautilus/mgr/restful/ is for the Manager module of ceph. This is not related to rgw.
Please try attaching a policy by configuring s3curl tool.
Thanks,
Pritha
On Mon, Mar 11, 2019 at 3:43 PM myxingkong <admin@xxxxxxxxxxx> wrote:
Hi Pritha:This is the documentation for configuring restful modules:The command given according to the official documentation is to attach the permission policy through the REST API.This is the documentation for STS lite:My version of ceph is: ceph version 14.1.0 (adfd524c32325562f61c055a81dba4cb1b117e84) nautilus (dev)
Thanks,myxingkongOn 3/11/2019 18:06,Pritha Srivastava<prsrivas@xxxxxxxxxx> wrote:PrithaThanks,Right now there is no other way to attach a permission policy to a user.Hi Myxingkong,Can you explain what you mean by 'enabling restful modules', particularly which document are you referring to?
There is work in progress for adding functionality to RGW using which such calls can be scripted using boto.On Mon, Mar 11, 2019 at 3:21 PM myxingkong <admin@xxxxxxxxxxx> wrote:_______________________________________________Hello:I want to use the GetSessionToken method to get the temporary credentials, but according to the answer given in the official documentation, I need to attach a permission policy to the user before I can use the GetSessionToken method.This is the command for the additional permission policy provided by the official documentation:s3curl.pl --debug --id admin -- -s -v -X POST "http://localhost:8000/?Action="">"Version\":\"2012-10-17\",\"Statement\":\[\{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":\[\"*\"\],\"Condition\":\{\"BoolIfExists\":\{\"sts:authentication\":\"false\"\}\}\},\{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":\{\"BoolIfExists\":\{\"sts:authentication\":\"false\"\}\}\}\]\}&Version=2010-05-08"This requires enabling restful modules to execute this command.I configured the restful module according to the documentation, but without success, I was unable to configure the SSL certificate.ceph config-key set mgr/restful/crt -i restful.crtWARNING: it looks like you might be trying to set a ceph-mgr module configuration key. Since Ceph 13.0.0 (Mimic), mgr module configuration is done with `config set`, and new values set using `config-key set` will be ignored.set mgr/restful/crtCan someone tell me if there is a way to configure a restful module's certificate, or if there is another way to attach permission policies to users?Thanks,myxingkong
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com