-
Notifications
You must be signed in to change notification settings - Fork 3
IAM
Krishna Srinivas edited this page Aug 16, 2018
·
1 revision
When using OpenID ID provider and OPA policy enforcer, the iam.json config file looks like:
{
"version": "1",
"identity": {
"type": "openid",
"openid": {
"jwks": {
"url": "http://192.168.1.12:9763/oauth2/jwks"
}
}
}
"policy": {
"type": "opa",
"opa": {
"url": ""
"authToken": ""
}
}
}
When using Minio’s built-in multi-user support and Minio’s built-in user policy enforcement feature, the iam.json config file looks like:
{
"version": "1",
"identity": {
"type": "minio",
"minio": {
"users": {
"harsha": {
secretKey: "harshasecret",
status: "enabled"
},
"krishna": {
secretKey: "krishnasecret",
status: "disabled"
}
}
},
}
"policy": {
"type": "minio",
"minio": {
"users": {
"harsha": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::harshabucket"
}
]
},
"krishna": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::krishnabucket"
}
]
}
"*": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::anonymousbucket"
}
]
}
}
}
}
}