Adding roles to Ceph Object Gateway users

You can add a role to a specific Ceph object gateway user on the IBM Storage Ceph dashboard.

Before you begin

Before you begin, make sure that you have the following prerequisites in place:
  • Ceph Object Gateway is installed.
  • Ceph Object gateway login credentials are added to the dashboard.
  • Ceph Object gateway user is created.

Procedure

  1. From the dashboard navigation, go to Object > Users and click on the Roles tab.
  2. Click Create.
  3. In the Create Role form, configure Role name, Path, and Assume Role Policy Document.
    Figure 1. Create Role form

    This screen capture gives an example of the Create Role form. In this example, the Role name is s3access and the Path is /, The Assume Role Policy Document is filled in with {"Version": "2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":["arn:aws:iam::::user/kvm"]}, "Action":["sts:AssumeRole", "s3:PutObject"]}]}.
  4. Click Create Role.
    A notification displays that the role was created successfully.