Chapter 3. Allowing user access to the Multicloud Object Gateway Console
To allow access to the Multicloud Object Gateway (MCG) Console to a user, ensure that the user meets the following conditions:
- User is in cluster-admins group.
- User is in system:cluster-admins virtual group.
Prerequisites
- A running OpenShift Data Foundation Platform.
Procedure
Enable access to the MCG console.
Perform the following steps once on the cluster :
Create a
cluster-admins
group.# oc adm groups new cluster-admins
Bind the group to the
cluster-admin
role.# oc adm policy add-cluster-role-to-group cluster-admin cluster-admins
Add or remove users from the
cluster-admins
group to control access to the MCG console.To add a set of users to the
cluster-admins
group :# oc adm groups add-users cluster-admins <user-name> <user-name> <user-name>...
where
<user-name>
is the name of the user to be added.NoteIf you are adding a set of users to the
cluster-admins
group, you do not need to bind the newly added users to the cluster-admin role to allow access to the OpenShift Data Foundation dashboard.To remove a set of users from the
cluster-admins
group :# oc adm groups remove-users cluster-admins <user-name> <user-name> <user-name>...
where
<user-name>
is the name of the user to be removed.
Verification steps
- On the OpenShift Web Console, login as a user with access permission to Multicloud Object Gateway Console.
-
Navigate to Storage
Data Foundation. -
In the Storage Systems tab, select the storage system and then click Overview
Object tab. - Select the Multicloud Object Gateway link.
- Click Allow selected permissions.