MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-09 21:49:46 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: deprecate requirement of session token for service accounts (#9320)

Browse Source 
This PR fixes couple of behaviors with service accounts

- not need to have session token for service accounts
- service accounts can be generated by any user for themselves
  implicitly, with a valid signature.
- policy input for AddNewServiceAccount API is not fully typed
  allowing for validation before it is sent to the server.
- also bring in additional context for admin API errors if any
  when replying back to client.
- deprecate GetServiceAccount API as we do not need to reply
  back session tokens
This commit is contained in:
Harshavardhana
2020-04-14 11:28:56 -07:00
committed by GitHub
parent bfec5fe200
commit 37d066b563
14 changed files with 167 additions and 249 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/iam/policy/admin-action.go
View File

@@ -62,6 +62,7 @@ const (
// CreateUserAdminAction - allow creating MinIO user
CreateUserAdminAction = "admin:CreateUser"
// DeleteUserAdminAction - allow deleting MinIO user
DeleteUserAdminAction = "admin:DeleteUser"
// ListUsersAdminAction - allow list users permission