Rgw users are a higher-level feature, and they don't have a direct relationship to rados pools. Their permissions are controlled at the bucket/object level by the S3/Swift APIs. I would start by reading about S3's ACLs and bucket policies. On Mon, May 11, 2020 at 1:42 AM Vishwas Bm <bmvishwas@xxxxxxxxx> wrote: > > Hi, > > I am a newbie to ceph. I have gone through the ceph docs, we are planning > to use rgw for object storage. > > From the docs, what I have understood is that there are two types of users: > 1) ceph storage user > 2) radosgw user > > I am able to create user of both the types. But I am not able to understand > how to restrict the rgw user access to a pool. > > My questions are below: > 1) How to restrict the access of a rgw user to a particular pool ? Can this > be done using placement groups ? > > 2) Is it possible to restrict rgw user access to a particular namespace in > a pool ? > > 3) I can understand the flow till he is able to write to a bucket using the > .index pool object. But I am not able to understand the flow how the rgw > user can write objects in pool. Where can I check the permissions ? > > *Thanks & Regards,* > > *Vishwas * > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx > _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |