Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
This project is now read‑only. Starting Monday, February 2, please use Jira Cloud for all bug tracking management.

Bug 2354779

Summary: [RGW] S3 Credentials created at secondary site are erased when new credentials are created at primary using the AdminOps API
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: daniel parkes <dparkes>
Component: RGWAssignee: shilpa <smanjara>
Status: CLOSED ERRATA QA Contact: Manisha <mreddem>
Severity: high Docs Contact: Rivka Pollack <rpollack>
Priority: unspecified    
Version: 8.1CC: ceph-eng-bugs, cephqe-warriors, mbenjamin, mreddem, rpollack, tserlin, ygayam
Target Milestone: ---   
Target Release: 9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-20.1.0-26 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2026-01-29 06:54:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description daniel parkes 2025-03-25 07:46:29 UTC 
Description of problem:

Problem
S3 Credentials created at secondary site are erased when new credentials are created at primary. Talking to Casey Bodley, these metadata modifying requests should be forwarded to the primary by Ceph.

What we are seeing:

When I create an access key on the primary, it immediately gets replicated to the secondary.
When I create an access key on the secondary, it doesn't get replicated to the primary.
But if I then create another access key on the primary, all of the access keys that were created on the secondary actually vanishes from the secondary leaving only the access keys that had been created on the primary and replicated to the secondary.


We need to review all the Admin ops API commands/calls to ensure they behave the same way and always forward metadata requests to the master zone when multisite replication is configured.



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Storage PM bot 2025-03-25 07:46:40 UTC 
Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.
Comment 12 errata-xmlrpc 2026-01-29 06:54:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Red Hat Ceph Storage 9.0 Security and Enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2026:1536