Access controls
Robust access controls limit users and services to only the permissions they require.
Cephx Authentication and Authorization
Cephx is the native Ceph authentication system. It operates with shared secret keys:
- Key Types: Ceph uses different keys for different roles (e.g., keyring, admin, osd, mds, client). These keys represent common functional groupings or specific default keys (client.admin).
- Capabilities (Caps): Each key has associated capabilities defining what actions are permitted (e.g., mon ‘allow r’, osd ‘allow *’, mgr ‘allow profile security-cluster’).
User Management (Ceph Dashboard / RGW)
- Dashboard Users: Manage user accounts and roles within the Ceph Dashboard for accessing monitoring and limited management functions.
- RGW Users: RGW has its own user management system for S3/Swift access, separate from Cephx cluster users. Manage RGW users, keys (access key, secret key), and potentially quotas.
Management Infrastructure Access (Juju)
Control access at multiple levels:
- Host OS Access (POSIX permissions): Standard Linux user/group permissions and access controls (e.g. SSH keys, sudo rules) on the machines hosting Ceph components and Juju agents.
- Juju Permissions: Utilize Juju’s Role-Based Access Control (RBAC) to manage who can access controllers and models, and what actions they can perform.
- Elevated Privileges: Processes like OSDs typically require root-level privileges for device access. This risk is mitigated by security profiles, but careful host security remains essential.