Configure a bucket to enable MFA (multi-factor authentication) Delete, which requires additional authentication for either of the following operations:
- Change the versioning state of your bucket.
- Permanently delete an object version.
#2 Updated by Alfonso Martínez 10 months ago
In order to test this on a running cluster, do the following:
1) Create RGW MFA TOTP token from CLI. Example:
radosgw-admin mfa create --uid=dev --totp-serial=1 --totp-seed=23456723 --totp-seed-type=base32
2) Create your token in your TOTP app (like Android's FreeOTP)
and set --totp-seed value as secret and same --totp-seed-type.