doc/radosgw/adminops.rst
.. _radosgw admin ops:
An admin API request will be done on a URI that starts with the configurable 'admin' resource entry point. Authorization for the admin API duplicates the S3 authorization mechanism. Some operations require that the user holds special administrative capabilities. The response entity type (XML or JSON) may be specified as the 'format' option in the request and defaults to JSON if not specified.
Get RGW cluster/endpoint information.
:caps: info=read
Syntax
::
GET /{admin}/info?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
None.
Response Entities
If successful, the response contains an ``info`` section.
``info``
:Description: A container for all returned information.
:Type: Container
``cluster_id``
:Description: The (typically unique) identifier for the controlling
backing store for the RGW cluster. In the typical case,
this is value returned from librados::rados::cluster_fsid().
:Type: String
:Parent: ``info``
Special Error Responses
None.
Request bandwidth usage information.
Note: this feature is disabled by default, can be enabled by setting rgw enable usage log = true in the appropriate section of ceph.conf. For changes
in ceph.conf to take effect, radosgw process restart is needed.
:caps: usage=read
Syntax
::
GET /{admin}/usage?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user for which the information is requested. If not specified will apply to all users.
:Type: String
:Example: foo_user
:Required: No
start
:Description: Date and (optional) time that specifies the start time of the requested data.
:Type: String
:Example: 2012-09-25 16:00:00
:Required: No
end
:Description: Date and (optional) time that specifies the end time of the requested data (non-inclusive).
:Type: String
:Example: 2012-09-25 16:00:00
:Required: No
show-entries
:Description: Specifies whether data entries should be returned. :Type: Boolean :Example: True [True] :Required: No
show-summary
:Description: Specifies whether data summary should be returned. :Type: Boolean :Example: True [True] :Required: No
Response Entities
If successful, the response contains the requested information.
``usage``
:Description: A container for the usage information.
:Type: Container
``entries``
:Description: A container for the usage entries information.
:Type: Container
``user``
:Description: A container for the user data information.
:Type: Container
``owner``
:Description: The name of the user that owns the buckets.
:Type: String
``bucket``
:Description: The bucket name.
:Type: String
``time``
:Description: Time lower bound for which data is being specified (rounded to the beginning of the first relevant hour).
:Type: String
``epoch``
:Description: The time specified in seconds since 1/1/1970.
:Type: String
``categories``
:Description: A container for stats categories.
:Type: Container
``entry``
:Description: A container for stats entry.
:Type: Container
``category``
:Description: Name of request category for which the stats are provided.
:Type: String
``bytes_sent``
:Description: Number of bytes sent by the RADOS Gateway.
:Type: Integer
``bytes_received``
:Description: Number of bytes received by the RADOS Gateway.
:Type: Integer
``ops``
:Description: Number of operations.
:Type: Integer
``successful_ops``
:Description: Number of successful operations.
:Type: Integer
``summary``
:Description: A container for stats summary.
:Type: Container
``total``
:Description: A container for stats summary aggregated total.
:Type: Container
Special Error Responses
TBD.
Remove usage information. With no dates specified, removes all usage information.
Note: this feature is disabled by default, can be enabled by setting rgw enable usage log = true in the appropriate section of ceph.conf. For changes
in ceph.conf to take effect, radosgw process restart is needed.
:caps: usage=write
Syntax
::
DELETE /{admin}/usage?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user for which the information is requested. If not specified will apply to all users.
:Type: String
:Example: foo_user
:Required: No
start
:Description: Date and (optional) time that specifies the start time of the requested data.
:Type: String
:Example: 2012-09-25 16:00:00
:Required: No
end
:Description: Date and (optional) time that specifies the end time of the requested data (non-inclusive).
:Type: String
:Example: 2012-09-25 16:00:00
:Required: No
remove-all
:Description: Required when uid is not specified, in order to acknowledge multi user data removal. :Type: Boolean :Example: True [False] :Required: No
Special Error Responses
TBD.
Get User Info
=============
Get user information. Cap ``users`` or ``user-info-without-keys`` must be set to ``read`` to run this operation.
If cap ``user-info-without-keys`` is set to ``read`` or ``*``, S3 keys and Swift keys will not be
included in the response unless the user running this operation is the system user, an admin user, or the cap ``users`` is set to ``read``.
Either a ``uid`` or ``access-key`` must be supplied as a request parameter. We recommend supplying uid.
If both are provided but correspond to different users, the info for the user specified with ``uid`` will be returned.
:caps: users=read or user-info-without-keys=read
Syntax
~~~~~~
::
GET /{admin}/user?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
~~~~~~~~~~~~~~~~~~
``uid``
:Description: The user for which the information is requested.
:Type: String
:Example: ``foo_user``
:Required: Yes
``access-key``
:Description: The S3 access key of the user for which the information is requested.
:Type: String
:Example: ``ABCD0EF12GHIJ2K34LMN``
:Required: No
Response Entities
~~~~~~~~~~~~~~~~~
If successful, the response contains the user information.
``user``
:Description: A container for the user data information.
:Type: Container
``user_id``
:Description: The user id.
:Type: String
:Parent: ``user``
``display_name``
:Description: Display name for the user.
:Type: String
:Parent: ``user``
``suspended``
:Description: True if the user is suspended.
:Type: Boolean
:Parent: ``user``
``max_buckets``
:Description: The maximum number of buckets to be owned by the user.
:Type: Integer
:Parent: ``user``
``subusers``
:Description: Subusers associated with this user account.
:Type: Container
:Parent: ``user``
``keys``
:Description: S3 keys associated with this user account.
:Type: Container
:Parent: ``user``
``swift_keys``
:Description: Swift keys associated with this user account.
:Type: Container
:Parent: ``user``
``caps``
:Description: User capabilities.
:Type: Container
:Parent: ``user``
Special Error Responses
None.
.. versionadded:: Squid
Create a new account.
:caps: accounts=write
Syntax
::
POST /{admin}/account?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
id
:Description: The ID of the account to be created.
:Type: String
:Example: RGW00000000000000001
:Required: No
An account ID must be 20 characters long, and in the format of the string "RGW" followed by 17 numeric characters. If not specified, a random unique one will be generated.
name
:Description: The name of the account to be created.
:Type: String
:Example: account_name
:Required: No
email
:Description: The email address associated with the account.
:Type: String
:Example: [email protected]
:Required: No
tenant
:Description: The Tenant under which the account exists. :Type: string :Example: tenant1 :Required: No
max-users
:Description: Specifies the maximum number of users the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
max-roles
:Description: Specifies the maximum number of roles the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
max-groups
:Description: Specifies the maximum number of groups the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
max-access-keys
:Description: Specifies the maximum number of access keys the account can own. The default is 4. :Type: Integer :Example: 1 [4] :Required: No
max-buckets
:Description: Specifies the maximum number of buckets the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
Response Entities
If successful, the response contains the following account information.
``account``
:Description: A container for the account information.
:Type: Container
``id``
:Description: The ID of the account created.
:Type: String
:Parent: ``account``
``tenant``
:Description: The Tenant under which the account exists.
:Type: String
:Parent: ``account``
``name``
:Description: The name of the account created.
:Type: String
:Parent: ``account``
``email``
:Description: The email address associated with the account.
:Type: String
:Parent: ``account``
``max_users``
:Description: The maximum number of users the account can own.
:Type: Integer
:Parent: ``account``
``max_roles``
:Description: The maximum number of roles the account can own.
:Type: Integer
:Parent: ``account``
``max_groups``
:Description: The maximum number of groups the account can own.
:Type: Integer
:Parent: ``account``
``max_buckets``
:Description: The maximum number of buckets the account can own.
:Type: Integer
:Parent: ``account``
``max_access_keys``
:Description: The maximum number of access keys the account can own.
:Type: Integer
:Parent: ``account``
``quota``
:Description: A container for the account quota information.
:Type: Container
:Parent: ``account``
``enabled``
:Description: Whether quota is enabled at the account level.
:Type: Bool
:Parent: ``quota``
``check_on_raw``
:Description: Whether quota should be checked on raw usage instead of the 4 KiB rounded one.
:Type: Bool
:Parent: ``quota``
``max_size``
:Description: The max quota size in bytes.
:Type: Integer
:Parent: ``quota``
``max_size_kb``
:Description: The max quota size in kilobytes.
:Type: Integer
:Parent: ``quota``
``max_objects``
:Description: The max number of objects that an account can own.
:Type: Integer
:Parent: ``quota``
``bucket_quota``
:Description: A container for the account bucket-level quota information.
:Type: Container
:Parent: ``account``
``enabled``
:Description: Whether quota is enabled at the bucket level for the account.
:Type: Bool
:Parent: ``bucket_quota``
``check_on_raw``
:Description: Whether bucket quota for the account should be checked on raw usage instead of the 4 KiB rounded one.
:Type: Bool
:Parent: ``bucket_quota``
``max_size``
:Description: The max quota size in bytes for buckets under the account.
:Type: Integer
:Parent: ``bucket_quota``
``max_size_kb``
:Description: The max quota size in kilobytes for buckets under the account.
:Type: Integer
:Parent: ``bucket_quota``
``max_objects``
:Description: The max number of objects that a bucket under the account can have.
:Type: Integer
:Parent: ``bucket_quota``
Special Error Responses
AccountAlreadyExists
:Description: Attempt to create existing account. This can happen if the account ID or the email is already in use. :Code: 409 Conflict
.. versionadded:: Squid
Modify an account. Either id, name, or email must be provided.
:caps: accounts=write
Syntax
::
PUT /{admin}/account?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
id
:Description: The ID of the account to be modified.
:Type: String
:Example: RGW00000000000000001
:Required: No
name
:Description: The name of the account to be modified.
:Type: String
:Example: account_name
:Required: No
email
:Description: The email address of the account to be modified.
:Type: String
:Example: [email protected]
:Required: No
max-users
:Description: Specifies the maximum number of users the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
max-roles
:Description: Specifies the maximum number of roles the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
max-groups
:Description: Specifies the maximum number of groups the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
max-access-keys
:Description: Specifies the maximum number of access keys the account can own. The default is 4. :Type: Integer :Example: 1 [4] :Required: No
max-buckets
:Description: Specifies the maximum number of buckets the account can own. The default is 1000. :Type: Integer :Example: 500 [1000] :Required: No
Response Entities
If successful, the response contains the following account information.
``account``
:Description: A container for the account information.
:Type: Container
``id``
:Description: The account ID.
:Type: String
:Parent: ``account``
``tenant``
:Description: The Tenant under which the account exists.
:Type: String
:Parent: ``account``
``name``
:Description: The name of the account created.
:Type: String
:Parent: ``account``
``email``
:Description: The email address associated with the account.
:Type: String
:Parent: ``account``
``max_users``
:Description: The maximum number of users the account can own.
:Type: Integer
:Parent: ``account``
``max_roles``
:Description: The maximum number of roles the account can own.
:Type: Integer
:Parent: ``account``
``max_groups``
:Description: The maximum number of groups the account can own.
:Type: Integer
:Parent: ``account``
``max_buckets``
:Description: The maximum number of buckets the account can own.
:Type: Integer
:Parent: ``account``
``max_access_keys``
:Description: The maximum number of access keys the account can own.
:Type: Integer
:Parent: ``account``
``quota``
:Description: A container for the account quota information.
:Type: Container
:Parent: ``account``
``enabled``
:Description: Whether quota is enabled at the account level.
:Type: Bool
:Parent: ``quota``
``check_on_raw``
:Description: Whether quota should be checked on raw usage instead of the 4 KiB rounded one.
:Type: Bool
:Parent: ``quota``
``max_size``
:Description: The max quota size in bytes.
:Type: Integer
:Parent: ``quota``
``max_size_kb``
:Description: The max quota size in kilobytes.
:Type: Integer
:Parent: ``quota``
``max_objects``
:Description: The max number of objects that an account can own.
:Type: Integer
:Parent: ``quota``
``bucket_quota``
:Description: A container for the account bucket-level quota information.
:Type: Container
:Parent: ``account``
``enabled``
:Description: Whether quota is enabled at the bucket level for the account.
:Type: Bool
:Parent: ``bucket_quota``
``check_on_raw``
:Description: Whether bucket quota for the account should be checked on raw usage instead of the 4 KiB rounded one.
:Type: Bool
:Parent: ``bucket_quota``
``max_size``
:Description: The max quota size in bytes for buckets under the account.
:Type: Integer
:Parent: ``bucket_quota``
``max_size_kb``
:Description: The max quota size in kilobytes for buckets under the account.
:Type: Integer
:Parent: ``bucket_quota``
``max_objects``
:Description: The max number of objects that a bucket under the account can have.
:Type: Integer
:Parent: ``bucket_quota``
Special Error Responses
None.
.. versionadded:: Squid
Get account info. Either an id or a name must be provided.
:caps: accounts=write
Syntax
::
GET /{admin}/account?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
id
:Description: The ID of the account to get info for.
:Type: String
:Example: RGW00000000000000001
:Required: No
name
:Description: The name of the account to get info for.
:Type: String
:Example: account_name
:Required: No
Response Entities
If successful, the response contains the following account information.
``account``
:Description: A container for the account information.
:Type: Container
``id``
:Description: The account ID.
:Type: String
:Parent: ``account``
``tenant``
:Description: The Tenant under which the account exists.
:Type: String
:Parent: ``account``
``name``
:Description: The name of the account created.
:Type: String
:Parent: ``account``
``email``
:Description: The email address associated with the account.
:Type: String
:Parent: ``account``
``max_users``
:Description: The maximum number of users the account can own.
:Type: Integer
:Parent: ``account``
``max_roles``
:Description: The maximum number of roles the account can own.
:Type: Integer
:Parent: ``account``
``max_groups``
:Description: The maximum number of groups the account can own.
:Type: Integer
:Parent: ``account``
``max_buckets``
:Description: The maximum number of buckets the account can own.
:Type: Integer
:Parent: ``account``
``max_access_keys``
:Description: The maximum number of access keys the account can own.
:Type: Integer
:Parent: ``account``
``quota``
:Description: A container for the account quota information.
:Type: Container
:Parent: ``account``
``enabled``
:Description: Whether quota is enabled at the account level.
:Type: Bool
:Parent: ``quota``
``check_on_raw``
:Description: Whether quota should be checked on raw usage instead of the 4 KiB rounded one.
:Type: Bool
:Parent: ``quota``
``max_size``
:Description: The max quota size in bytes.
:Type: Integer
:Parent: ``quota``
``max_size_kb``
:Description: The max quota size in kilobytes.
:Type: Integer
:Parent: ``quota``
``max_objects``
:Description: The max number of objects that an account can own.
:Type: Integer
:Parent: ``quota``
``bucket_quota``
:Description: A container for the account bucket-level quota information.
:Type: Container
:Parent: ``account``
``enabled``
:Description: Whether quota is enabled at the bucket level for the account.
:Type: Bool
:Parent: ``bucket_quota``
``check_on_raw``
:Description: Whether bucket quota for the account should be checked on raw usage instead of the 4 KiB rounded one.
:Type: Bool
:Parent: ``bucket_quota``
``max_size``
:Description: The max quota size in bytes for buckets under the account.
:Type: Integer
:Parent: ``bucket_quota``
``max_size_kb``
:Description: The max quota size in kilobytes for buckets under the account.
:Type: Integer
:Parent: ``bucket_quota``
``max_objects``
:Description: The max number of objects that a bucket under the account can have.
:Type: Integer
:Parent: ``bucket_quota``
Special Error Responses
None.
.. versionadded:: Squid
Remove an existing account. Either id, name, or email must be provided.
:caps: accounts=write
Syntax
::
DELETE /{admin}/account?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
id
:Description: The ID of the account to be removed.
:Type: String
:Example: RGW00000000000000001
:Required: No
tenant
:Description: The Tenant under which the account exists.
:Type: String
:Example: tenant
:Required: No
name
:Description: The name of the account to be removed.
:Type: String
:Example: account_name
:Required: No
email
:Description: The email address associated with the account to be removed.
:Type: String
:Example: [email protected]
:Required: No
Response Entities
None
Special Error Responses
None.
Create a new user. By default, a S3 key pair will be created automatically
and returned in the response. If only one of access-key or secret-key
is provided, the omitted key will be automatically generated. By default, a
generated key is added to the keyring without replacing an existing key pair.
If access-key is specified and refers to an existing key owned by the user
then it will be modified.
.. versionadded:: Luminous
A tenant may either be specified as a part of uid or as an additional
request param.
:caps: users=write
Syntax
::
PUT /{admin}/user?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID to be created.
:Type: String
:Example: foo_user
:Required: Yes
A tenant name may also specified as a part of uid, by following the syntax
tenant$user, refer to :ref:Multitenancy <rgw-multitenancy> for more details.
display-name
:Description: The display name of the user to be created.
:Type: String
:Example: foo user
:Required: Yes
email
:Description: The email address associated with the user.
:Type: String
:Example: [email protected]
:Required: No
key-type
:Description: Key type to be generated, options are: swift, s3 (default).
:Type: String
:Example: s3 [s3]
:Required: No
access-key
:Description: Specify access key.
:Type: String
:Example: ABCD0EF12GHIJ2K34LMN
:Required: No
secret-key
:Description: Specify secret key.
:Type: String
:Example: 0AbCDEFg1h2i34JklM5nop6QrSTUV+WxyzaBC7D8
:Required: No
user-caps
:Description: User capabilities.
:Type: String
:Example: usage=read, write; users=read
:Required: No
generate-key
:Description: Generate a new key pair and add to the existing keyring. :Type: Boolean :Example: True [True] :Required: No
max-buckets
:Description: Specify the maximum number of buckets the user can own. :Type: Integer :Example: 500 [1000] :Required: No
suspended
:Description: Specify whether the user should be suspended. :Type: Boolean :Example: False [False] :Required: No
.. versionadded:: Jewel
tenant
:Description: the Tenant under which a user is a part of. :Type: string :Example: tenant1 :Required: No
default-placement
:Description: default placement for the user. :Type: string :Example: default-placement :Required: No
default-storage-class
:Description: default storage class for the user, default-placement must be defined when setting this option. :Type: string :Example: STANDARD-1A :Required: No
.. versionadded:: Squid
account-id
:Description: The account under which a user should exist. :Type: string :Example: RGW00000000000000001 :Required: No
account-root
:Description: Whether the user should be root for its account. :Type: Boolean :Example: False [False] :Required: No
Response Entities
If successful, the response contains the user information.
``user``
:Description: A container for the user data information.
:Type: Container
``tenant``
:Description: The tenant which user is a part of.
:Type: String
:Parent: ``user``
``user_id``
:Description: The user id.
:Type: String
:Parent: ``user``
``display_name``
:Description: Display name for the user.
:Type: String
:Parent: ``user``
``suspended``
:Description: True if the user is suspended.
:Type: Boolean
:Parent: ``user``
``max_buckets``
:Description: The maximum number of buckets to be owned by the user.
:Type: Integer
:Parent: ``user``
``subusers``
:Description: Subusers associated with this user account.
:Type: Container
:Parent: ``user``
``keys``
:Description: S3 keys associated with this user account.
:Type: Container
:Parent: ``user``
``swift_keys``
:Description: Swift keys associated with this user account.
:Type: Container
:Parent: ``user``
``caps``
:Description: User capabilities.
:Type: Container
:Parent: ``user``
Special Error Responses
UserExists
:Description: Attempt to create existing user. :Code: 409 Conflict
InvalidAccessKey
:Description: Invalid access key specified. :Code: 400 Bad Request
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
InvalidSecretKey
:Description: Invalid secret key specified. :Code: 400 Bad Request
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
KeyExists
:Description: Provided access key exists and belongs to another user. :Code: 409 Conflict
EmailExists
:Description: Provided email address exists. :Code: 409 Conflict
InvalidCapability
:Description: Attempt to grant invalid admin capability. :Code: 400 Bad Request
Modify a user.
:caps: users=write
Syntax
::
POST /{admin}/user?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID to be modified.
:Type: String
:Example: foo_user
:Required: Yes
display-name
:Description: The display name of the user to be modified.
:Type: String
:Example: foo user
:Required: No
email
:Description: The email address to be associated with the user.
:Type: String
:Example: [email protected]
:Required: No
generate-key
:Description: Generate a new key pair and add to the existing keyring. :Type: Boolean :Example: True [False] :Required: No
access-key
:Description: Specify access key.
:Type: String
:Example: ABCD0EF12GHIJ2K34LMN
:Required: No
secret-key
:Description: Specify secret key.
:Type: String
:Example: 0AbCDEFg1h2i34JklM5nop6QrSTUV+WxyzaBC7D8
:Required: No
key-type
:Description: Key type to be generated, options are: swift, s3 (default).
:Type: String
:Example: s3
:Required: No
max-buckets
:Description: Specify the maximum number of buckets the user can own. :Type: Integer :Example: 500 [1000] :Required: No
suspended
:Description: Specify whether the user should be suspended. :Type: Boolean :Example: False [False] :Required: No
op-mask
:Description: The op-mask of the user to be modified.
:Type: String
:Example: read, write, delete, *
:Required: No
default-placement
:Description: default placement for the user. :Type: string :Example: default-placement :Required: No
default-storage-class
:Description: default storage class for the user, default-placement must be defined when setting this option. :Type: string :Example: STANDARD-1A :Required: No
.. versionadded:: Squid
account-id
:Description: The account under which a user should exist. Cannot be changed or removed once set. :Type: string :Example: RGW00000000000000001 :Required: No
account-root
:Description: Whether the user should be root for its account. :Type: Boolean :Example: False [False] :Required: No
Response Entities
If successful, the response contains the user information.
``user``
:Description: A container for the user data information.
:Type: Container
``user_id``
:Description: The user id.
:Type: String
:Parent: ``user``
``display_name``
:Description: Display name for the user.
:Type: String
:Parent: ``user``
``suspended``
:Description: True if the user is suspended.
:Type: Boolean
:Parent: ``user``
``max_buckets``
:Description: The maximum number of buckets to be owned by the user.
:Type: Integer
:Parent: ``user``
``subusers``
:Description: Subusers associated with this user account.
:Type: Container
:Parent: ``user``
``keys``
:Description: S3 keys associated with this user account.
:Type: Container
:Parent: ``user``
``swift_keys``
:Description: Swift keys associated with this user account.
:Type: Container
:Parent: ``user``
``caps``
:Description: User capabilities.
:Type: Container
:Parent: ``user``
Special Error Responses
InvalidAccessKey
:Description: Invalid access key specified. :Code: 400 Bad Request
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
InvalidSecretKey
:Description: Invalid secret key specified. :Code: 400 Bad Request
KeyExists
:Description: Provided access key exists and belongs to another user. :Code: 409 Conflict
EmailExists
:Description: Provided email address exists. :Code: 409 Conflict
InvalidCapability
:Description: Attempt to grant invalid admin capability. :Code: 400 Bad Request
Remove an existing user.
:caps: users=write
Syntax
::
DELETE /{admin}/user?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID to be removed.
:Type: String
:Example: foo_user
:Required: Yes.
purge-data
:Description: When specified the buckets and objects belonging to the user will also be removed. :Type: Boolean :Example: True :Required: No
Response Entities
None
Special Error Responses
None.
Create a new subuser (primarily useful for clients using the Swift API).
Note that in general for a subuser to be useful, it must be granted
permissions by specifying access. As with user creation if
subuser is specified without secret, then a secret key will
be automatically generated.
:caps: users=write
Syntax
::
PUT /{admin}/user?subuser&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID under which a subuser is to be created.
:Type: String
:Example: foo_user
:Required: Yes
subuser
:Description: Specify the subuser ID to be created.
:Type: String
:Example: sub_foo
:Required: Yes
secret-key
:Description: Specify secret key.
:Type: String
:Example: 0AbCDEFg1h2i34JklM5nop6QrSTUV+WxyzaBC7D8
:Required: No
key-type
:Description: Key type to be generated, options are: swift (default), s3.
:Type: String
:Example: swift [swift]
:Required: No
access
:Description: Set access permissions for sub-user, should be one
of read, write, readwrite, full.
:Type: String
:Example: read
:Required: No
generate-secret
:Description: Generate the secret key. :Type: Boolean :Example: True [False] :Required: No
Response Entities
If successful, the response contains the subuser information.
``subusers``
:Description: Subusers associated with the user account.
:Type: Container
``id``
:Description: Subuser id.
:Type: String
:Parent: ``subusers``
``permissions``
:Description: Subuser access to user account.
:Type: String
:Parent: ``subusers``
Special Error Responses
SubuserExists
:Description: Specified subuser exists. :Code: 409 Conflict
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
InvalidSecretKey
:Description: Invalid secret key specified. :Code: 400 Bad Request
InvalidAccess
:Description: Invalid subuser access specified. :Code: 400 Bad Request
Modify an existing subuser
:caps: users=write
Syntax
::
POST /{admin}/user?subuser&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID under which the subuser is to be modified.
:Type: String
:Example: foo_user
:Required: Yes
subuser
:Description: The subuser ID to be modified.
:Type: String
:Example: sub_foo
:Required: Yes
generate-secret
:Description: Generate a new secret key for the subuser, replacing the existing key. :Type: Boolean :Example: True [False] :Required: No
secret
:Description: Specify secret key.
:Type: String
:Example: 0AbCDEFg1h2i34JklM5nop6QrSTUV+WxyzaBC7D8
:Required: No
key-type
:Description: Key type to be generated, options are: swift (default), s3 .
:Type: String
:Example: swift [swift]
:Required: No
access
:Description: Set access permissions for sub-user, should be one
of read, write, readwrite, full.
:Type: String
:Example: read
:Required: No
Response Entities
If successful, the response contains the subuser information.
``subusers``
:Description: Subusers associated with the user account.
:Type: Container
``id``
:Description: Subuser id.
:Type: String
:Parent: ``subusers``
``permissions``
:Description: Subuser access to user account.
:Type: String
:Parent: ``subusers``
Special Error Responses
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
InvalidSecretKey
:Description: Invalid secret key specified. :Code: 400 Bad Request
InvalidAccess
:Description: Invalid subuser access specified. :Code: 400 Bad Request
Remove an existing subuser
:caps: users=write
Syntax
::
DELETE /{admin}/user?subuser&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID under which the subuser is to be removed.
:Type: String
:Example: foo_user
:Required: Yes
subuser
:Description: The subuser ID to be removed.
:Type: String
:Example: sub_foo
:Required: Yes
purge-keys
:Description: Remove keys belonging to the subuser. :Type: Boolean :Example: True [True] :Required: No
Response Entities
None.
Special Error Responses
None.
Create a new key. If a subuser is specified then by default created keys
will be swift type. If only one of access-key or secret-key is provided the
committed key will be automatically generated, that is if only secret-key is
specified then access-key will be automatically generated. By default, a
generated key is added to the keyring without replacing an existing key pair.
If access-key is specified and refers to an existing key owned by the user
then it will be modified. The response is a container listing all keys of the same
type as the key created. Note that when creating a swift key, specifying the option
access-key will have no effect. Additionally, only one swift key may be held by
each user or subuser.
:caps: users=write
Syntax
::
PUT /{admin}/user?key&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID to receive the new key.
:Type: String
:Example: foo_user
:Required: Yes
subuser
:Description: The subuser ID to receive the new key.
:Type: String
:Example: sub_foo
:Required: No
key-type
:Description: Key type to be generated, options are: swift, s3 (default).
:Type: String
:Example: s3 [s3]
:Required: No
access-key
:Description: Specify the access key.
:Type: String
:Example: AB01C2D3EF45G6H7IJ8K
:Required: No
secret-key
:Description: Specify the secret key.
:Type: String
:Example: 0ab/CdeFGhij1klmnopqRSTUv1WxyZabcDEFgHij
:Required: No
generate-key
:Description: Generate a new key pair and add to the existing keyring. :Type: Boolean :Example: True [True] :Required: No
active
:Description: Activate or deactivate a key. :Type: Boolean :Example: True [True] :Required: No
Response Entities
``keys``
:Description: Keys of type created associated with this user account.
:Type: Container
``user``
:Description: The user account associated with the key.
:Type: String
:Parent: ``keys``
``access-key``
:Description: The access key.
:Type: String
:Parent: ``keys``
``secret-key``
:Description: The secret key
:Type: String
:Parent: ``keys``
Special Error Responses
InvalidAccessKey
:Description: Invalid access key specified. :Code: 400 Bad Request
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
InvalidSecretKey
:Description: Invalid secret key specified. :Code: 400 Bad Request
InvalidKeyType
:Description: Invalid key type specified. :Code: 400 Bad Request
KeyExists
:Description: Provided access key exists and belongs to another user. :Code: 409 Conflict
Remove an existing key.
:caps: users=write
Syntax
::
DELETE /{admin}/user?key&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
access-key
:Description: The S3 access key belonging to the S3 key pair to remove.
:Type: String
:Example: AB01C2D3EF45G6H7IJ8K
:Required: Yes
uid
:Description: The user to remove the key from.
:Type: String
:Example: foo_user
:Required: No
subuser
:Description: The subuser to remove the key from.
:Type: String
:Example: sub_foo
:Required: No
key-type
:Description: Key type to be removed, options are: swift, s3.
NOTE: Required to remove swift key.
:Type: String
:Example: swift
:Required: No
Special Error Responses
None.
Response Entities
~~~~~~~~~~~~~~~~~
None.
Get Bucket Info
===============
Get information about a subset of the existing buckets. If ``uid`` is specified
without ``bucket`` then all buckets belonging to the user will be returned. If
``bucket`` alone is specified, information for that particular bucket will be
retrieved.
If ``max-entries`` is specified to limit the number of buckets returned, the
response body will change and contain the keys ``buckets``, ``count`` and
``truncated``. If ``truncated`` is true the ``marker`` key will also be added.
:caps: buckets=read
Syntax
~~~~~~
::
GET /{admin}/bucket?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
~~~~~~~~~~~~~~~~~~
``bucket``
:Description: The bucket to return info on.
:Type: String
:Example: ``foo_bucket``
:Required: No
``uid``
:Description: The user to retrieve bucket information for.
:Type: String
:Example: ``foo_user``
:Required: No
``stats``
:Description: Return bucket statistics.
:Type: Boolean
:Example: True [False]
:Required: No
``max-entries``
:Description: The number of bucket list entries to return.
:Type: Integer
:Example: 100
:Required: No
``marker``
:Description: The marker to use when listing buckets.
:Type: String (bucket name)
:Example: my-bucket
:Required: No
Response Entities
~~~~~~~~~~~~~~~~~
If successful the request returns a buckets container containing
the desired bucket information.
``stats``
:Description: Per bucket information.
:Type: Container
``buckets``
:Description: Contains a list of one or more bucket containers.
:Type: Container
``bucket``
:Description: Container for single bucket information.
:Type: Container
:Parent: ``buckets``
``name``
:Description: The name of the bucket.
:Type: String
:Parent: ``bucket``
``pool``
:Description: The pool the bucket is stored in.
:Type: String
:Parent: ``bucket``
``id``
:Description: The unique bucket id.
:Type: String
:Parent: ``bucket``
``marker``
:Description: Internal bucket tag.
:Type: String
:Parent: ``bucket``
``owner``
:Description: The user id of the bucket owner.
:Type: String
:Parent: ``bucket``
``usage``
:Description: Storage usage information.
:Type: Container
:Parent: ``bucket``
``index``
:Description: Status of bucket index.
:Type: String
:Parent: ``bucket``
``count``
:Description: Number of returned buckets, only if ``max-entries`` is specified.
:Type: Integer
``truncated``
:Description: Reported if the response is truncated when ``max-entries`` is specified.
:Type: Boolean
``marker``
:Description: If ``truncated`` is true the ``marker`` key is returned with
the marker (bucket name) to use to continue pagination.
:Type: String
Special Error Responses
IndexRepairFailed
:Description: Bucket index repair failed. :Code: 409 Conflict
Check the index of an existing bucket. NOTE: to check multipart object
accounting with check-objects, fix must be set to True.
:caps: buckets=write
Syntax
::
GET /{admin}/bucket?index&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
bucket
:Description: The bucket to return info on.
:Type: String
:Example: foo_bucket
:Required: Yes
check-objects
:Description: Check multipart object accounting. :Type: Boolean :Example: True [False] :Required: No
fix
:Description: Also fix the bucket index when checking. :Type: Boolean :Example: False [False] :Required: No
Response Entities
``index``
:Description: Status of bucket index.
:Type: String
Special Error Responses
IndexRepairFailed
:Description: Bucket index repair failed. :Code: 409 Conflict
Delete an existing bucket.
:caps: buckets=write
Syntax
::
DELETE /{admin}/bucket?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
bucket
:Description: The bucket to remove.
:Type: String
:Example: foo_bucket
:Required: Yes
tenant
:Description: The tenant under which the bucket is to be removed.
:Type: String
:Example: tenant1
:Required: No
purge-objects
:Description: Remove a bucket's objects before deletion. :Type: Boolean :Example: True [False] :Required: No
bypass-gc
:Description: Bypass garbage collection. :Type: Boolean :Example: True [False] :Required: No
Response Entities
None.
Special Error Responses
BucketNotEmpty
:Description: Attempted to delete non-empty bucket. :Code: 409 Conflict
ObjectRemovalFailed
:Description: Unable to remove objects. :Code: 409 Conflict
Unlink a bucket from a specified user. Primarily useful for changing bucket ownership.
:caps: buckets=write
Syntax
::
POST /{admin}/bucket?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
bucket
:Description: The bucket to unlink.
:Type: String
:Example: foo_bucket
:Required: Yes
uid
:Description: The user ID to unlink the bucket from.
:Type: String
:Example: foo_user
:Required: Yes
Response Entities
None.
Special Error Responses
BucketUnlinkFailed
:Description: Unable to unlink bucket from specified user. :Code: 409 Conflict
Link a bucket to a specified user, unlinking the bucket from any previous user.
:caps: buckets=write
Syntax
::
PUT /{admin}/bucket?format=json HTTP/1.1
Host: {fqdn}
Request Parameters
bucket
:Description: The bucket name to unlink.
:Type: String
:Example: foo_bucket
:Required: Yes
bucket-id
:Description: The bucket id to unlink.
:Type: String
:Example: dev.6607669.420
:Required: No
uid
:Description: The user ID to link the bucket to.
:Type: String
:Example: foo_user
:Required: Yes
Response Entities
``bucket``
:Description: Container for single bucket information.
:Type: Container
``name``
:Description: The name of the bucket.
:Type: String
:Parent: ``bucket``
``pool``
:Description: The pool the bucket is stored in.
:Type: String
:Parent: ``bucket``
``id``
:Description: The unique bucket id.
:Type: String
:Parent: ``bucket``
``marker``
:Description: Internal bucket tag.
:Type: String
:Parent: ``bucket``
``owner``
:Description: The user id of the bucket owner.
:Type: String
:Parent: ``bucket``
``usage``
:Description: Storage usage information.
:Type: Container
:Parent: ``bucket``
``index``
:Description: Status of bucket index.
:Type: String
:Parent: ``bucket``
Special Error Responses
BucketUnlinkFailed
:Description: Unable to unlink bucket from specified user. :Code: 409 Conflict
BucketLinkFailed
:Description: Unable to link bucket to specified user. :Code: 409 Conflict
Remove an existing object. NOTE: Does not require owner to be non-suspended.
:caps: buckets=write
Syntax
::
DELETE /{admin}/bucket?object&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
bucket
:Description: The bucket containing the object to be removed.
:Type: String
:Example: foo_bucket
:Required: Yes
object
:Description: The object to remove.
:Type: String
:Example: foo.txt
:Required: Yes
Response Entities
None.
Special Error Responses
NoSuchObject
:Description: Specified object does not exist. :Code: 404 Not Found
ObjectRemovalFailed
:Description: Unable to remove objects. :Code: 409 Conflict
Read the policy of an object or bucket.
:caps: buckets=read
Syntax
::
GET /{admin}/bucket?policy&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
bucket
:Description: The bucket to read the policy from.
:Type: String
:Example: foo_bucket
:Required: Yes
object
:Description: The object to read the policy from.
:Type: String
:Example: foo.txt
:Required: No
Response Entities
If successful, returns the object or bucket policy
``policy``
:Description: Access control policy.
:Type: Container
Special Error Responses
IncompleteBody
:Description: Either bucket was not specified for a bucket policy request or bucket and object were not specified for an object policy request. :Code: 400 Bad Request
Add an administrative capability to a specified user.
:caps: users=write
Syntax
::
PUT /{admin}/user?caps&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID to add an administrative capability to.
:Type: String
:Example: foo_user
:Required: Yes
user-caps
:Description: The administrative capability to add to the user.
:Type: String
:Example: usage=read,write;user=write
:Required: Yes
Response Entities
If successful, the response contains the user's capabilities.
``user``
:Description: A container for the user data information.
:Type: Container
:Parent: ``user``
``user_id``
:Description: The user id.
:Type: String
:Parent: ``user``
``caps``
:Description: User capabilities.
:Type: Container
:Parent: ``user``
Special Error Responses
InvalidCapability
:Description: Attempt to grant invalid admin capability. :Code: 400 Bad Request
Example Request
::
PUT /{admin}/user?caps&user-caps=usage=read,write;user=write&format=json HTTP/1.1
Host: {fqdn}
Content-Type: text/plain
Authorization: {your-authorization-token}
Remove A User Capability
========================
Remove an administrative capability from a specified user.
:caps: users=write
Syntax
~~~~~~
::
DELETE /{admin}/user?caps&format=json HTTP/1.1
Host: {fqdn}
Request Parameters
uid
:Description: The user ID to remove an administrative capability from.
:Type: String
:Example: foo_user
:Required: Yes
user-caps
:Description: The administrative capabilities to remove from the user.
:Type: String
:Example: usage=read, write
:Required: Yes
Response Entities
If successful, the response contains the user's capabilities.
``user``
:Description: A container for the user data information.
:Type: Container
:Parent: ``user``
``user_id``
:Description: The user id.
:Type: String
:Parent: ``user``
``caps``
:Description: User capabilities.
:Type: Container
:Parent: ``user``
Special Error Responses
InvalidCapability
:Description: Attempt to remove an invalid admin capability. :Code: 400 Bad Request
NoSuchCap
:Description: User does not possess specified capability. :Code: 404 Not Found
The Admin Operations API enables you to set quotas on users and on buckets owned
by users, and on accounts and on buckets owned by accounts. See Quota Management_
for additional details. Quotas include the maximum number of objects in a bucket
and the maximum storage size in megabytes.
To view quotas for users, the user must have a users=read capability. To set,
modify or disable a quota, the user must have users=write capability.
To view quotas for accounts, the user must have a accounts=read capability. To set,
modify or disable a quota, the user must have accounts=write capability.
See the Admin Guide_ for details.
Valid parameters for quotas include:
Bucket: The bucket option allows you to specify a quota for
buckets owned by a user.
Maximum Objects: The max-objects setting allows you to specify
the maximum number of objects. A negative value disables this setting.
Maximum Size: The max-size option allows you to specify a quota
for the maximum number of bytes. The max-size-kb option allows you
to specify it in KiB. A negative value disables this setting.
Quota Type: The quota-type option sets the scope for the quota.
The options are bucket and user for user-level quota.
The options are bucket and account for account-level quota.
Enable/Disable Quota: The enabled option specifies whether the
quota should be enabled. The value should be either 'True' or 'False'.
Get User Quota
To get a quota, the user must have ``users`` capability set with ``read``
permission. ::
GET /admin/user?quota&uid=<uid>"a-type=user
Set User Quota
To set a quota, the user must have users capability set with write
permission. ::
PUT /admin/user?quota&uid=<uid>"a-type=user
The content must include a JSON representation of the quota settings as encoded in the corresponding read operation.
Get Bucket Quota
To get a quota, the user must have ``users`` capability set with ``read``
permission. ::
GET /admin/user?quota&uid=<uid>"a-type=bucket
Set Bucket Quota
To set a quota, the user must have users capability set with write
permission. ::
PUT /admin/user?quota&uid=<uid>"a-type=bucket
The content must include a JSON representation of the quota settings as encoded in the corresponding read operation.
Set Quota for an Individual Bucket
To set a quota, the user must have ``buckets`` capability set with ``write``
permission. ::
PUT /admin/bucket?quota&uid=<uid>&bucket=<bucket-name>
The content must include a JSON representation of the quota settings
as mentioned in Set Bucket Quota section above.
Set Account Quota
~~~~~~~~~~~~~~~~~
To set a quota, the user must have ``accounts`` capability set with ``write``
permission. ::
PUT /admin/account?quota&id=<account_id>"a-type=account
Set Bucket Quota under an Account
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To set a quota, the user must have ``accounts`` capability set with ``write``
permission. ::
PUT /admin/account?quota&id=<account_id>"a-type=bucket
Rate Limit
==========
The Admin Operations API enables you to set and get ratelimit configurations on users and on buckets and global rate limit configurations. See `Rate Limit Management`_ for additional details.
Rate Limit includes the maximum number of operations and/or bytes per accumulation interval, separated by read and/or write (Additionally list and get operations),
to a bucket and/or by a user and the maximum storage size in megabytes.
To view rate limit, the user must have a ``ratelimit=read`` capability. To set,
modify or disable a ratelimit, the user must have ``ratelimit=write`` capability.
See the `Admin Guide`_ for details.
Valid parameters for quotas include:
- **Bucket:** The ``bucket`` option allows you to specify a rate limit for
a bucket.
- **User:** The ``uid`` option allows you to specify a rate limit for a user.
- **Maximum Read Bytes:** The ``max-read-bytes`` setting allows you to specify
the maximum number of read bytes per accumulation interval. A 0 value disables this setting.
- **Maximum Write Bytes:** The ``max-write-bytes`` setting allows you to specify
the maximum number of write bytes per accumulation interval. A 0 value disables this setting.
- **Maximum Read Ops:** The ``max-read-ops`` setting allows you to specify
the maximum number of read ops per accumulation interval. A 0 value disables this setting.
- **Maximum Write Ops:** The ``max-write-ops`` setting allows you to specify
the maximum number of write ops per accumulation interval. A 0 value disables this setting.
- **Maximum List Ops:** The ``max-list-ops`` setting allows you to specify
the maximum number of bucket listing requests per accumulation interval. A 0 value disables this setting.
- **Maximum Delete Ops:** The ``max-delete-ops`` setting allows you to specify
the maximum number of delete operations per accumulation interval. A 0 value disables throttling.
- **Global:** The ``global`` option allows you to specify a global rate limit.
The value should be either 'True' or 'False'.
- **Rate Limit Scope:** The ``ratelimit-scope`` option sets the scope for the rate limit.
The options are ``bucket`` , ``user`` and ``anonymous``.
``anonymous`` is only valid for setting global configuration
- **Enable/Disable Rate Limit:** The ``enabled`` option specifies whether the
rate limit should be enabled. The value should be either 'True' or 'False'.
Get User Rate Limit
~~~~~~~~~~~~~~~~~~~
To get a rate limit, the user must have ``ratelimit`` capability set with ``read``
permission. ::
GET /{admin}/ratelimit?ratelimit-scope=user&uid=<uid>
Set User Rate Limit
~~~~~~~~~~~~~~~~~~~
To set a rate limit, the user must have ``ratelimit`` capability set with ``write``
permission. ::
POST /{admin}/ratelimit?ratelimit-scope=user&uid=<uid><[&max-read-bytes=<bytes>][&max-write-bytes=<bytes>][&max-read-ops=<ops>][&max-write-ops=<ops>][&max-list-ops=<ops>][&max-delete-ops=<ops>][&enabled=<True|False>]>
Get Bucket Rate Limit
~~~~~~~~~~~~~~~~~~~~~
To get a rate limit, the user must have ``users`` capability set with ``read``
permission. ::
GET /{admin}/ratelimit?bucket=<bucket>&ratelimit-scope=bucket
Set Rate Limit for an Individual Bucket
To set a rate limit, the user must have ratelimit capability set with write
permission. ::
POST /{admin}/ratelimit?bucket=<bucket-name>&ratelimit-scope=bucket<[&max-read-bytes=<bytes>][&max-write-bytes=<bytes>][&max-read-ops=<ops>][&max-write-ops=<ops>][&max-list-ops=<ops>][&max-delete-ops=<ops>][&enabled=<True|False>]>
Get Global Rate Limit
To get a global rate limit, the user must have ``ratelimit`` capability set with ``read``
permission. ::
GET /{admin}/ratelimit?global=<True|False>
Set Global User Rate Limit
To set a rate limit, the user must have ratelimit capability set with write
permission. ::
POST /{admin}/ratelimit?ratelimit-scope=user&global=<True|False><[&max-read-bytes=<bytes>][&max-write-bytes=<bytes>][&max-read-ops=<ops>][&max-write-ops=<ops>][&max-list-ops=<ops>][&max-delete-ops=<ops>][&enabled=<True|False>]>
Set Global Rate Limit Bucket
To set a rate limit, the user must have ``ratelimit`` capability set with ``write``
permission. ::
POST /{admin}/ratelimit?ratelimit-scope=bucket&global=<True|False><[&max-read-bytes=<bytes>][&max-write-bytes=<bytes>][&max-read-ops=<ops>][&max-write-ops=<ops>][&max-list-ops=<ops>][&max-delete-ops=<ops>][&enabled=<True|False>]>
Set Global Anonymous User Rate Limit
To set a rate limit, the user must have ratelimit capability set with write
permission. ::
POST /{admin}/ratelimit?ratelimit-scope=anon&global=<True|False><[&max-read-bytes=<bytes>][&max-write-bytes=<bytes>][&max-read-ops=<ops>][&max-write-ops=<ops>][&max-list-ops=<ops>][&max-delete-ops=<ops>][&enabled=<True|False>]>
AccessDenied
:Description: Access denied. :Code: 403 Forbidden
InternalError
:Description: Internal server error. :Code: 500 Internal Server Error
NoSuchUser
:Description: User does not exist. :Code: 404 Not Found
NoSuchBucket
:Description: Bucket does not exist. :Code: 404 Not Found
NoSuchKey
:Description: No such access key. :Code: 404 Not Found
Golang
ceph/go-ceph_IrekFasikhov/go-rgwadmin_QuentinPerez/go-radosgw_Java
twonote/radosgw-admin4j_PHP
lbausch/php-ceph-radosgw-admin_myENA/php-rgw-api_Python
UMIACS/rgwadmin_valerytschopp/python-radosgw-admin_.. _Admin Guide: ../admin .. _Quota Management: ../admin#quota-management .. _IrekFasikhov/go-rgwadmin: https://github.com/IrekFasikhov/go-rgwadmin .. _QuentinPerez/go-radosgw: https://github.com/QuentinPerez/go-radosgw .. _ceph/go-ceph: https://github.com/ceph/go-ceph/ .. _Rate Limit Management: ../admin#rate-limit-management .. _IrekFasikhov/go-rgwadmin: https://github.com/IrekFasikhov/go-rgwadmin .. _QuentinPerez/go-radosgw: https://github.com/QuentinPerez/go-radosgw .. _twonote/radosgw-admin4j: https://github.com/twonote/radosgw-admin4j .. _lbausch/php-ceph-radosgw-admin: https://github.com/lbausch/php-ceph-radosgw-admin .. _myENA/php-rgw-api: https://github.com/myENA/php-rgw-api .. _UMIACS/rgwadmin: https://github.com/UMIACS/rgwadmin .. _valerytschopp/python-radosgw-admin: https://github.com/valerytschopp/python-radosgw-admin