· 6 years ago · Jun 16, 2019, 05:14 PM
1######################
2#
3# generate_rgw_s3_token.py
4#
5# Generates a base64 access key suitable for use with the Ceph
6# RADOSGW S3 API
7#
8# usage: python3 generate_rgw_s3_token.py --ttype ldap
9#
10# alternative: RGW_ACCESS_KEY_ID='foobar' RGW_ACCESS_SECRET_KEY='barbaz' generate_rgw_s3_token.py --ttype ad
11#
12# Will prompt for user/pass, unless the RGW_ACCESS_KEY_ID or RGW_SECRET_ACCESS_KEY environment
13# variables are defined. If they are, will use those for username/password, respectively.
14#
15# ttype may be "ldap" or "ad".
16#######################
17
18import sys
19import getpass
20import json
21import base64
22import os
23import argparse
24
25parser = argparse.ArgumentParser(description="Generate a RADOSGW S3 token")
26parser.add_argument("--ttype", dest="ttype", action="store", default="ldap")
27args = parser.parse_args()
28
29secret_key = None
30key_id = None
31
32if args.ttype and args.ttype not in ['ldap', 'ad']:
33 print("Error: --ttype must be one of 'ldap' or 'ad")
34 sys.exit(1)
35
36if 'RGW_ACCESS_KEY_ID' in os.environ:
37 key_id = os.environ['RGW_ACCESS_KEY_ID']
38
39if 'RGW_SECRET_ACCESS_KEY' in os.environ:
40 secret_key = os.environ['RGW_SECRET_ACCESS_KEY']
41
42if key_id is None:
43 key_id = input("Enter your LDAP or AD username: ")
44
45if secret_key is None:
46 secret_key = getpass.getpass("Enter your LDAP or AD password: ")
47
48rgw_token = {
49 "RGW_TOKEN": {
50 "version": 1,
51 "type": args.ttype,
52 "id": key_id,
53 "key": secret_key
54 }
55}
56
57json_token = json.dumps(rgw_token, indent=4) + "\n"
58access_key = base64.b64encode(json_token.encode())
59
60print("Your RADOSGW S3 Access Key is: ")
61print(access_key.decode())