Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support multiple policies in 'mc admin user policy' command #4685

Merged
merged 2 commits into from
Sep 19, 2023
Merged

Support multiple policies in 'mc admin user policy' command #4685

merged 2 commits into from
Sep 19, 2023

Conversation

r-scheele
Copy link
Contributor

@r-scheele r-scheele commented Sep 19, 2023
edited
Loading

Description

mc admin user policy command to handle users with multiple attached policies. With this update, the command can now handle multiple policies, displaying each policy's details sequentially.

Motivation and Context

The command would fail with an error when a user had more than one policy attached, as it expected a single policy name

How to test this PR?

~/mc admin user add myminio minio1 minio123

Added user `minio1` successfully.

~/mc admin policy attach myminio consoleAdmin --user minio1

Attached Policies: [consoleAdmin]
To User: minio1

~/mc admin user info myminio minio1

AccessKey: minio1
Status: enabled
PolicyName: consoleAdmin
MemberOf: []

~/mc admin user policy myminio minio1

{
  "Version": "2012-10-17",
  "Statement": [
   {
    "Effect": "Allow",
    "Action": [
     "admin:*"
    ]
   },
   {
    "Effect": "Allow",
    "Action": [
     "kms:*"
    ]
   },
   {
    "Effect": "Allow",
    "Action": [
     "s3:*"
    ],
    "Resource": [
     "arn:aws:s3:::*"
    ]
   }
  ]
 }

~/mc admin policy attach myminio diagnostics --user minio1

Attached Policies: [diagnostics]
To User: minio1

~/mc admin user info myminio minio1

AccessKey: minio1
Status: enabled
PolicyName: consoleAdmin,diagnostics
MemberOf: []

~/mc admin user policy myminio minio1

{
  "Version": "2012-10-17",
  "Statement": [
   {
    "Effect": "Allow",
    "Action": [
     "admin:*"
    ]
   },
   {
    "Effect": "Allow",
    "Action": [
     "kms:*"
    ]
   },
   {
    "Effect": "Allow",
    "Action": [
     "s3:*"
    ],
    "Resource": [
     "arn:aws:s3:::*"
    ]
   }
  ]
 }
{
  "Version": "2012-10-17",
  "Statement": [
   {
    "Effect": "Allow",
    "Action": [
     "admin:Profiling",
     "admin:ServerTrace",
     "admin:ConsoleLog",
     "admin:ServerInfo",
     "admin:TopLocksInfo",
     "admin:OBDInfo",
     "admin:BandwidthMonitor",
     "admin:Prometheus"
    ],
    "Resource": [
     "arn:aws:s3:::*"
    ]
   }
  ]
 }

Types of changes

  • New feature (non-breaking change which adds functionality)

shtripat
shtripat approved these changes Sep 19, 2023
View reviewed changes
Copy link
Contributor

@shtripat shtripat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Verified. Change the PR comment to remove Policy found for user minio1 : consoleAdmin from sample output as that's not in output. Else looks fine.

@harshavardhana harshavardhana merged commit f551d4b into minio:master Sep 19, 2023
5 checks passed
@r-scheele r-scheele deleted the updates/multiple-policy-support branch September 19, 2023 16:28
@djwfyi djwfyi mentioned this pull request Sep 21, 2023
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@harshavardhana harshavardhana harshavardhana approved these changes

@shtripat shtripat shtripat approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@r-scheele @harshavardhana @shtripat