Chapter 3. Allowing user access to the Multicloud Object Gateway Console

To allow access to the Multicloud Object Gateway Console to a user, ensure that the user meets the following conditions:

  • User is in cluster-admins group.
  • User is in system:cluster-admins virtual group.

Prerequisites

  • A running OpenShift Container Storage Platform.

Procedure

  1. Enable access to the Multicloud Object Gateway console.

    Perform the following steps once on the cluster :

    1. Create a cluster-admins group.

      # oc adm groups new cluster-admins
    2. Bind the group to the cluster-admin role.

      # oc adm policy add-cluster-role-to-group cluster-admin cluster-admins
  2. Add or remove users from the cluster-admins group to control access to the Multicloud Object Gateway console.

    • To add a set of users to the cluster-admins group :

      # oc adm groups add-users cluster-admins <user-name> <user-name> <user-name>...

      where <user-name> is the name of the user to be added.

      Note

      If you are adding a set of users to the cluster-admins group, you do not need to bind the newly added users to the cluster-admin role to allow access to the OpenShift Container Storage dashboard.

    • To remove a set of users from the cluster-admins group :

      # oc adm groups remove-users cluster-admins <user-name> <user-name> <user-name>...

      where <user-name> is the name of the user to be removed.

Verification steps

  1. On the OpenShift Web Console, login as a user with access permission to Multicloud Object Gateway Console.
  2. Navigate to HomeOverviewObject Service tab → select the Multicloud Object Gateway link .
  3. On the Multicloud Object Gateway Console, login as the same user with access permission.
  4. Click Allow selected permissions.