Ask Your Question

Container access other than admin user

asked 2016-09-14 20:22:53 -0500

alfarooqui gravatar image



I have created one user and was trying to creating an container with that. But it shows error unable to create container. But if i login as admin and try to create container it is successful.

So for user other than admin do i need to set any specific permission for that?

Regards Farooqui

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2016-09-15 01:30:19 -0500

dbaxps gravatar image

Try for particular user (case keystone api v2.0) :-

# keystone user-role-add --tenant_id=$UUID_PROJECT_TENANT \
  --user=$UUID_PARTICULAR_USER --role=$UUID_ResellerAdmin_ROLE

Anyway try to add ResellerAdmin role to user .

edit flag offensive delete link more

answered 2016-09-15 02:45:15 -0500

Donagh McCabe gravatar image

I would not recommend ResellerAdmin role for users because that allows that user to access/modify anything/everything in Swift.

When you created the user, what roles did they have on the project? Then look at /etc/swift/proxy-server.conf -- look for operator_roles in the keystoneauth section. Your user needs one of these roles to create a container.

At a guess, when you created the user, the user has _member_ role for the project. A common pattern is to modify operator_roles by adding _member_ to the list then restart proxy-server. Your user should now be able to create containers and objects.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2016-09-14 20:22:53 -0500

Seen: 136 times

Last updated: Sep 15 '16