Creating Ceph Object Gateway buckets

Use the dashboard to create Ceph Object Gateway buckets on the IBM Storage Ceph once the credentials are set up using the CLI.

Before you begin

Before you begin, make sure that you have the following prerequisites in place:
  • A running IBM Storage Ceph cluster.
  • Dashboard is installed.
  • The Ceph Object Gateway is installed.
  • Ceph Object Gateway login credentials are added to the dashboard.
  • Ceph Object Gateway user is created and not suspended.

Procedure

  1. From the dashboard navigation, go to Object > Buckets.
  2. Click Create.
    The Create Bucket displays.
  3. Fill in the Create Bucket form.
  4. Enter a Name for the bucket.
  5. Select a Owner. The owner is a user that is not suspended.
  6. Select a Placement target.
    Important: A bucket's placement target cannot be changed after creation.
  7. Optional: In the Locking section, select Enabled to enable locking for the bucket objects.
    Important: Locking can only be enabled while creating a bucket and cannot be changed after creation.
    1. Select the Mode, either Compliance or Governance.
    2. In the Days field, select the default retention period that is applied to new objects placed in this bucket.
  8. Optional: In the Security section, select Security to encrypt objects in the bucket.
    1. Set the configuration values for SSE-S3. Click the Encryption information icon and then Click here.
      Note: When using SSE-S3 encryption type, Ceph manages the encryption keys that are stored in the vault by the user.
    2. In the Update RGW Encryption Configurations dialog, ensure that SSE-S3 is selected as the Encryption Type.
    3. Fill in the other required information.
    4. Click Submit.
      Figure 1. Encrypt objects in the bucket

      Encrypting buckets using the Update RGW Encryption Configurations form.
  9. In the Tags section, click Add to add bucket tags.
    These tags are equivalent to the S3 PutBucketTagging. Enter the tag Key and tag Value to categorize your storage buckets.
  10. Set the bucket policies in the Policies section.
    1. Enter the Bucket policy.
      Use the Policy generator or Policy examples buttons to help create the bucket policies, as needed.

      Enter or modify the policy in JSON format.

      Use the following links from within the form to help create your bucket policy. These links open a new tab in your browser.
      • Policy generator is an external tool from AWS to generate a bucket policy. For more information, see AWS Policy Generator.
        Note: You can use the policy generator with the S3 Bucket Policy type as a guideline for building your Ceph Object Gateway bucket policies.
      • Policy examples takes you to AWS documentation with examples of bucket policies.
      For more information about managing bucket policies through the dashboard, see Managing Ceph Object Gateway bucket policies.
    2. Set the Access Control Lists (ACL) grantee and permission information.
      Table 1. ACL user operations
      Permission Bucket Object
      READ Grantee can list the objects in the bucket. Grantee can read the object.
      WRITE Grantee can write or delete objects in the bucket. N/A
      FULL_CONTROL Grantee has full permissions for object in the bucket. Grantee can read or write to the object ACL.
  11. Click Create Bucket.
    A notification displays that the bucket was created successfully.