essKey and secret_Key’.
>
> And I am sure that the ‘tom’s key’ is correct.
>
>
>
> *发件人**: *Yuan Minghui
> *日期**: *2019年5月28日 星期二 上午11:35
> *收件人**: *Pritha Srivastava
> *抄送**: *"ceph-users@lists.ceph.com"
> *主题**: *[ceph-users] assume_role() :http_code 400 e
t.
>
> kyle
>
>
>
> *发件人**: *Pritha Srivastava
> *日期**: *2019年5月23日 星期四 上午11:49
> *收件人**: *Yuan Minghui
> *抄送**: *"ceph-users@lists.ceph.com"
> *主题**: *Re: [ceph-users] assume_role() :http_code 405 error
>
>
>
> Hello,
>
> It looks like
Hello,
It looks like the version that you are trying this on, doesn't support
AssumeRole or STS. What version of Ceph are you using?
Thanks,
Pritha
On Thu, May 23, 2019 at 9:10 AM Yuan Minghui wrote:
> Hello :
>
>When I try to make a secure-temp-sesstion(STS), I try the following
>
Hello Yuan,
While creating the role, can you try setting the Principal to the user you
want the role to be assumed by, and the Action to - sts:AssumeRole, like
below:
policy_document =
gt; /?Action=PutUserPolicy=Policy1=TESTER={"Version":"2012-10-17","Statement":[{"Effect":"Deny","Action":"s3:*","Resource":["*"],"Condition":{"BoolIfExists":{"sts:authentication&q
*发件人:* myxingkong
> *发送时间:* 2019-03-11 18:13:33
> *收件人:* prsri...@redhat.com
> *抄送:* ceph-users@lists.ceph.com
> *主题:* Re: [ceph-users] How to attach permission policy to user?
>
> Hi Pritha:
>
> This is the documentation for configuring restful modules:
> http://docs.cep
/docs/nautilus/radosgw/STSLite/
>
> My version of ceph is: ceph version 14.1.0
> (adfd524c32325562f61c055a81dba4cb1b117e84) nautilus (dev)
>
> Thanks,
> myxingkong
> On 3/11/2019 18:06,Pritha Srivastava
> wrote:
>
> Hi Myxingkong,
>
> Can you explain what you
Hi Myxingkong,
Can you explain what you mean by 'enabling restful modules', particularly
which document are you referring to?
Right now there is no other way to attach a permission policy to a user.
There is work in progress for adding functionality to RGW using which such
calls can be scripted
A separate 'iam' namespace is still not supported in RGW, hence the REST
APIs for Roles using boto will not work. The REST APIs have been tested
using another client (s3curl) for the time being.
On Thu, Mar 7, 2019 at 12:00 PM myxingkong wrote:
>
> I created a role and attached a permission
Botocore/1.12.106
>
>
> Action=AssumeRole=3600=arn%3Aaws%3Aiam%3A%3A%3Arole%2Fapplication_abc%2Fcomponent_xyz%2Fcgtw-STS=2011-06-15=Bob
>
>
> Response:
>
>
> AccessDenied
> tx00010-005c7de39f-1217e-default
> 1217e-default-default
>
>
> C
There are two steps that have to be performed before calling AssumeRole:
1. A role named S3Access needs to be created to which it is mandatory to
attach an assume role policy document. For example,
radosgw-admin role create --role-name=S3Access
--path=/application_abc/component_xyz/
Sorry I overlooked the ceph versions in the email.
STS Lite is not a part of ceph version 12.2.11 or ceph version 13.2.2.
Thanks,
Pritha
On Wed, Feb 27, 2019 at 9:09 PM Pritha Srivastava
wrote:
> You need to attach a policy to be able to invoke GetSessionToken. Please
> read the documen
You need to attach a policy to be able to invoke GetSessionToken. Please
read the documentation below at:
https://github.com/ceph/ceph/pull/24818/commits/512b6d8bd951239d44685b25dccaf904f19872b2
Thanks,
Pritha
On Wed, Feb 27, 2019 at 8:59 PM Sage Weil wrote:
> Moving this to ceph-users.
>
>
- Original Message -
> From: "Pritha Srivastava" <prsri...@redhat.com>
> To: "Graham Allan" <g...@umn.edu>
> Cc: "Adam C. Emerson" <aemer...@redhat.com>, "Ceph Users"
> <ceph-users@lists.ceph.com>
> Sent
- Original Message -
> From: "Graham Allan" <g...@umn.edu>
> To: "Pritha Srivastava" <prsri...@redhat.com>, "Adam C. Emerson"
> <aemer...@redhat.com>
> Cc: "Ceph Users" <ceph-users@lists.ceph.com>
> Sen
- Original Message -
> From: "Adam C. Emerson"
> To: "Graham Allan"
> Cc: "Ceph Users"
> Sent: Thursday, July 13, 2017 1:23:27 AM
> Subject: Re: [ceph-users] Bucket policies in Luminous
>
> Graham Allan Wrote:
> > I thought
- Original Message -
> From: "码云"
> To: "ceph-users"
> Sent: Thursday, March 30, 2017 9:25:54 AM
> Subject: [ceph-users] how to get radosgw ops log
>
> Hi all,
> I have configured "rgw enable ops log = true" in ceph.conf,
> and now i
Corrected the formatting of the e-mail sent earlier.
- Original Message -
> From: "Pritha Srivastava" <prsri...@redhat.com>
> To: ceph-users@lists.ceph.com
> Sent: Monday, June 27, 2016 9:15:36 AM
> Subject: Re: [ceph-users] Jewel Multisite RGW Memory Issu
I have 2 distinct clusters configured, in 2 different locations, and 1
zonegroup.
Cluster 1 has ~11TB of data currently on it, S3 / Swift backups via
the duplicity backup tool - each file is 25Mb and probably 20% are
multipart uploads from S3 (so 4Mb stripes) - in total 3217kobjects.
This
19 matches
Mail list logo