[ceph-users] Listing S3 buckets of a tenant using admin API

to avoid fetching information for all buckets and filtering in the application layer. Looks like --tenant in CLI would be ideal, but at the moment it expects --uid also be provided. Is there any way to achieve that at the moment? I'm on Ceph 16.2.7 Regards Daniel Iwan

[ceph-users] Re: Create and listing topics with AWS4 fails

d, Jun 23, 2021 at 11:58 AM Daniel Iwan > wrote: > >> Hi Yuval >> >> Thank you very much for the link >> This gave me some useful info from >> https://github.com/ceph/ceph/tree/master/examples/boto3#aws-cli >> >> Regards >> Daniel >> >

[ceph-users] Re: RGW topic created in wrong (default) tenant

Thanks for clarification > according to what i tested, this is not the case. deletion of a topic only > prevents the creation of new notifications with that topic. > it does not effect the deletion of notifications with that topic, not the > actual sending of these notifications. > > note that

[ceph-users] Re: RGW topic created in wrong (default) tenant

> > this looks like a bug, the topic should be created in the right tenant. > please submit a tracker for that. > Thank you for confirming. Created here https://tracker.ceph.com/issues/51331 > yes. topics are owned by the tenant. previously, they were owned by the > user but since the same

[ceph-users] RGW topic created in wrong (default) tenant

Hi I'm using Ceph Pacific 16.2.1 I'm creating a topic as a user which belongs to a non-default tenant. I'm using AWS CLI 2 with v3 authentication enabled aws --profile=ceph-myprofile --endpoint=$HOST_S3_API --region="" sns create-topic --name=fishtopic --attributes='{"push-endpoint": "

[ceph-users] Re: Create and listing topics with AWS4 fails

topic management. > (tracked here: https://tracker.ceph.com/issues/50039) > It should be fixed soon but may take some time before it is backported to > Pacific (will keep the list posted). > > Best Regards, > > Yuval > > > On Tue, Jun 22, 2021 at 7:18 PM Daniel Iwan wrote:

[ceph-users] Create and listing topics with AWS4 fails

Hi I'm on Pacific 16.2.1 Documentation states that topic operations should be created using REST with application/x-www-form-urlencoded See https://docs.ceph.com/en/latest/radosgw/notifications/#topics However when attempting to create one using Postman (auth v4) operation fails.

[ceph-users] Re: Creating a role in another tenant seems to be possible

racker issue for the same, and I'll fix it when I can. > > Thanks, > Pritha > > On Thu, Jun 10, 2021 at 5:09 PM Daniel Iwan wrote: > >> Hi Pritha >> >> y answers inline. >> Forgot to add I'm on Ceph 1.2.1 >> >> >>> How did you check whet

[ceph-users] Re: Creating a role in another tenant seems to be possible

Hi Pritha y answers inline. Forgot to add I'm on Ceph 1.2.1 > How did you check whether the role was created in tenant1 or tenant2? > It shouldn't be created in tenant2, if it is, then it's a bug, please open > a tracker issue for it. > I checked that with radosgw-admin role list --tenant

[ceph-users] Creating a role in another tenant seems to be possible

Hi It seems that with command like this aws --profile=my-user-tenant1 --endpoint=$HOST_S3_API --region="" iam create-role --role-name="tenant2\$TemporaryRole" --assume-role-policy-document file://json/trust-policy-assume-role.json I can create a role in another tenant. Executing user have

[ceph-users] Re: RGW segmentation fault on Pacific 16.2.1 with multipart upload

ps://github.com/ceph/ceph/pull/41288 > > Daniel > > On 5/12/21 7:00 AM, Daniel Iwan wrote: > > Hi > > I have started to see segfaults during multiplart upload to one of the > > buckets > > File is about 60MB in size > > Upload of the same file to a brand n

[ceph-users] Re: RGW federated user cannot access created bucket

Thanks, that explains it. This is in combination with permissions given via bucket policies of course? Daniel ___ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io

[ceph-users] Re: Using ID of a federated user in a bucket policy in RGW

> separator for a tenant which is empty here, and ARN for a user is of the > format: arn:aws:iam:::user/, and hence the ARN here will > be arn:aws:iam:::user/oidc$7f71c7c5-c24f-418e-87ac-aa8fe271289b > Thanks, > Pritha > > On Wed, May 12, 2021 at 4:02 PM Daniel Iwan wrote: &

[ceph-users] RGW segmentation fault on Pacific 16.2.1 with multipart upload

Hi I have started to see segfaults during multiplart upload to one of the buckets File is about 60MB in size Upload of the same file to a brand new bucket works OK Command used aws --profile=tester --endpoint=$HOST_S3_API --region="" s3 cp ./pack-a9201afb4682b74c7c5a5d6070e661662bdfea1a.pack

[ceph-users] RGW federated user cannot access created bucket

Hi all Scenario is as follows Federated user assumes a role via AssumeRoleWithWebIdentity, which gives permission to create a bucket. User creates a bucket and becomes an owner (this is visible in Ceph's web ui as Owner $oidc$7f71c7c5-c24f-418e-87ac-aa8fe271289b). User cannot list the content of

[ceph-users] Using ID of a federated user in a bucket policy in RGW

Hi all I'm working on the following scenario User is authenticated with OIDC and tries to access a bucket which it does not own. How to specify user ID etc. to give access to such a user? By trial and error I found out that principal can be specified as "Principal":