Ask Your Question
0

Container access other than admin user

asked 2016-09-14 20:22:53 -0600

alfarooqui gravatar image

Hi

"openstack/packstack/CentOs7/mitaka"

I have created one user and was trying to creating an container with that. But it shows error unable to create container. But if i login as admin and try to create container it is successful.

So for user other than admin do i need to set any specific permission for that?

Regards Farooqui

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2016-09-15 01:30:19 -0600

dbaxps gravatar image

Try for particular user (case keystone api v2.0) :-

# keystone user-role-add --tenant_id=$UUID_PROJECT_TENANT \
  --user=$UUID_PARTICULAR_USER --role=$UUID_ResellerAdmin_ROLE

Anyway try to add ResellerAdmin role to user .

edit flag offensive delete link more
0

answered 2016-09-15 02:45:15 -0600

Donagh McCabe gravatar image

I would not recommend ResellerAdmin role for users because that allows that user to access/modify anything/everything in Swift.

When you created the user, what roles did they have on the project? Then look at /etc/swift/proxy-server.conf -- look for operator_roles in the keystoneauth section. Your user needs one of these roles to create a container.

At a guess, when you created the user, the user has _member_ role for the project. A common pattern is to modify operator_roles by adding _member_ to the list then restart proxy-server. Your user should now be able to create containers and objects.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-09-14 20:22:53 -0600

Seen: 85 times

Last updated: Sep 15 '16