Better error when setting up replication with a service account alias (#16472)

Anis Elleuch
2023-01-25 17:20:12 +01:00
committed by GitHub
parent 441babdc41
commit 0a0416b6ea
3 changed files with 6 additions and 15 deletions


@@ -2093,14 +2093,14 @@ func (store *IAMStoreSys) AddServiceAccount(ctx context.Context, cred auth.Crede
if su, found := cache.iamUsersMap[accessKey]; found {
scred := su.Credentials
if scred.ParentUser != parentUser {
return updatedAt, errIAMServiceAccountUsed
return updatedAt, fmt.Errorf("%w: the service account access key is taken by another user", errIAMServiceAccountNotAllowed)
}
return updatedAt, errIAMServiceAccount
return updatedAt, fmt.Errorf("%w: the service account access key already taken", errIAMServiceAccountNotAllowed)
}
// Parent user must not be a service account.
if u, found := cache.iamUsersMap[parentUser]; found && u.Credentials.IsServiceAccount() {
return updatedAt, errIAMServiceAccount
return updatedAt, fmt.Errorf("%w: unable to create a service account for another service account", errIAMServiceAccountNotAllowed)
}
u := newUserIdentity(cred)
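Review bot: The two messages in the `found` branch tell the requester whether an existing access key belongs to a different parent user ("taken by another user") or to the same one ("already taken"), so if this text reaches the API response, a caller allowed to request a custom access key can learn that a key exists under another identity. Unless operators need that distinction, both returns could share one message, e.g. `return updatedAt, fmt.Errorf("%w: the service account access key is already taken", errIAMServiceAccountNotAllowed)`, with the ownership detail written to the server log instead. Because the sentinel is now wrapped with `%w`, any caller that still compares the result with `==` or a `switch` on the error value will stop matching and needs `errors.Is(err, errIAMServiceAccountNotAllowed)`; the call sites are not visible in this hunk. AddServiceAccount starts and ends outside the hunk.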