Robust access controls limit users and services to only the permissions they require.
Cephx Authentication and Authorization
Cephx is the native Ceph authentication system. It operates with shared secret keys:
- Key Types: Ceph uses different keys for different roles (e.g., keyring, admin, osd, mds, client). These keys represent common functional groupings or specific default keys (client.admin).
- Capabilities (Caps): Each key has associated capabilities defining what actions are permitted (e.g., mon ‘allow r’, osd ‘allow *’, mgr ‘allow profile security-cluster’).
User Management (Ceph Dashboard / RGW)
- Dashboard Users: Manage user accounts and roles within the Ceph Dashboard for accessing monitoring and limited management functions.
- RGW Users: RGW has its own user management system for S3/Swift access, separate from Cephx cluster users. Manage RGW users, keys (access key, secret key), and potentially quotas.
Management Infrastructure Access (Juju)
Control access at multiple levels:
- Host OS Access (POSIX permissions): Standard Linux user/group permissions and access controls (e.g. SSH keys, sudo rules) on the machines hosting Ceph components and Juju agents.
- Juju Permissions: Utilize Juju’s Role-Based Access Control (RBAC) to manage who can access controllers and models, and what actions they can perform.
- Elevated Privileges: Processes like OSDs typically require root-level privileges for device access. This risk is mitigated by security profiles, but careful host security remains essential.