Bug #63134
openrgw: fix user.rgw.user-policy attr remove by modify user info
0%
Description
1. Create user A and subuser AA
./bin/radosgw-admin user create --uid=A --display-name=fefwef
./bin/radosgw-admin subuser create --uid=A --subuser=A:AA --key-type=s3 --access-key barAccessKey --secret-key barSecretKey
2. Put user policy
AWS_ACCESS_KEY_ID=1 AWS_SECRET_ACCESS_KEY=1 aws --no-verify-ssl --endpoint-url http://127.0.0.1:8000 iam put-user-policy --user-name A --policy-name test --policy-document '{"Version": "2012-10-17", "Statement": [{"Sid": "FullDeny","Effect": "Deny", "Action": ["s3:CreateBucket", "s3:DeleteBucket"], "Resource": "*"}]}'
3. Check user metadata
./bin/rados -p default.rgw.meta listxattr A --namespace users.uid
ceph.objclass.version
user.rgw.user-policy
4. Modify user info: for a example by creating new subuser
./bin/radosgw-admin subuser create --uid=A --subuser=A:CC --key-type=s3 --access-key barAccessKey3 --secret-key barSecretKey
5. Check user metadata after update user info
./bin/rados -p default.rgw.meta listxattr A --namespace users.uid
ceph.objclass.version
after update user info, the user.rgw.user-policy will be remove
Updated by Casey Bodley 7 months ago
- Status changed from New to Fix Under Review
- Backport set to quincy reef
Updated by Casey Bodley 7 months ago
- Has duplicate Bug #48761: rgw: fix user.rgw.user-policy attr remove by assume_role or modify user info added
Updated by J. Eric Ivancich 7 months ago
- Status changed from Fix Under Review to Pending Backport
Updated by Backport Bot 7 months ago
- Copied to Backport #63250: reef: rgw: fix user.rgw.user-policy attr remove by modify user info added
Updated by Backport Bot 7 months ago
- Copied to Backport #63251: quincy: rgw: fix user.rgw.user-policy attr remove by modify user info added