Bug 2153775

Summary: [cee][rgw] Upgrade to 4.3z1 with vault results in (AccessDenied) failures when accessing buckets.
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Marcus Watts <mwatts>
Component: RGWAssignee: Adam C. Emerson <aemerson>
Status: CLOSED ERRATA QA Contact: Vidushi Mishra <vimishra>
Severity: high Docs Contact: Eliska <ekristov>
Priority: unspecified    
Version: 6.0CC: aemerson, akraj, akupczyk, amathuri, anrao, bhubbard, cbodley, ceph-eng-bugs, cephqe-warriors, choffman, dwojewod, ekristov, ggugliel, kbader, kkeithle, ksirivad, lflores, mbenjamin, mkasturi, mwatts, nojha, pdhange, rfriedma, rmandyam, roemerso, rzarzyns, sbaldwin, sseshasa, tserlin, vereddy, vimishra, vumrao
Target Milestone: ---   
Target Release: 6.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-17.2.5-49.el9cp Doc Type: Enhancement
Doc Text:
.The Ceph Object Gateway S3 policy errors are now more useful Previously, Ceph Object Gateway S3 policy error messages were opaque and not very useful. The initial issue with not being able to access data in the buckets after upgrading versions seemed to be the result of an accepted but invalid principal being ignored silently on ingest but rejected on use later due to a code change. With this release, the policy now prints detailed and useful error messages. There is also a new `rgw-policy-check` command that lets policy documents be tested in the command line, and a new option `rgw policy reject invalid principals` that is `false` by default and that rejects, with an error message, invalid principals on ingest only rather than ignoring them without error.
 Story Points: ---
Clone Of: 2136304 Environment:
Last Closed: 2023-03-20 18:59:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2136304, 2162135    
Bug Blocks: 2126050    

Comment 43 errata-xmlrpc 2023-03-20 18:59:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat Ceph Storage 6.0 Bug Fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:1360