Add admin API to edit remote bucket target credentials (#10848)

2025-11-09 05:34:56 -05:00 · 2020-11-24 19:09:05 -08:00
parent f96ed3769f
commit 3ad41fe89d
6 changed files with 82 additions and 29 deletions
--- a/pkg/madmin/examples/bucket-target.go
+++ b/pkg/madmin/examples/bucket-target.go
@@ -21,6 +21,7 @@ package main

 import (
 	"context"
+	"fmt"
 	"log"

 	"github.com/minio/minio/pkg/auth"
@@ -44,9 +45,11 @@ func main() {
 	}
 	target := madmin.BucketTarget{Endpoint: "site2:9000", Credentials: creds, TargetBucket: "destbucket", IsSSL: false, Type: madmin.ReplicationArn, BandwidthLimit: 2 * 1024 * 1024}
 	// Set bucket target
-	if err := madmClnt.SetBucketTarget(ctx, "srcbucket", &target); err != nil {
+	arn, err := madmClnt.SetBucketTarget(ctx, "srcbucket", &target)
+	if err != nil {
 		log.Fatalln(err)
 	}
+	fmt.Println("replication target ARN is:", arn)
 	// List all bucket target(s)
 	target, err = madmClnt.ListBucketTargets(ctx, "srcbucket", "")
 	if err != nil {
@@ -57,6 +60,17 @@ func main() {
 	if err != nil {
 		log.Fatalln(err)
 	}
+	// update credentials for target
+	creds, err := auth.CreateCredentials("access-key2", "secret-key2")
+	if err != nil {
+		log.Fatalln(err)
+	}
+	target := madmin.BucketTarget{Endpoint: "site2:9000", Credentials: creds, SourceBucket: "srcbucket", TargetBucket: "destbucket", IsSSL: false, Arn: "arn:minio:ilm:us-east-1:3cbe15b8-82b9-44bc-a737-db9051ab359a:srcbucket"}
+	// update credentials on bucket target
+	if _, err := madmClnt.UpdateBucketTarget(ctx, &target); err != nil {
+		log.Fatalln(err)
+	}
+
 	// Remove bucket target
 	arn := "arn:minio:replica::ac66b2cf-dd8f-4e7e-a882-9a64132f0d59:dest"
 	if err := madmClnt.RemoveBucketTarget(ctx, "srcbucket", arn); err != nil {
--- a/pkg/madmin/remote-target-commands.go
+++ b/pkg/madmin/remote-target-commands.go
@@ -236,6 +236,51 @@ func (adm *AdminClient) SetRemoteTarget(ctx context.Context, bucket string, targ
 	return arn, nil
 }

+// UpdateRemoteTarget updates credentials for a remote bucket target
+func (adm *AdminClient) UpdateRemoteTarget(ctx context.Context, target *BucketTarget) (string, error) {
+	if target == nil {
+		return "", fmt.Errorf("target cannot be nil")
+	}
+	data, err := json.Marshal(target)
+	if err != nil {
+		return "", err
+	}
+	encData, err := EncryptData(adm.getSecretKey(), data)
+	if err != nil {
+		return "", err
+	}
+	queryValues := url.Values{}
+	queryValues.Set("bucket", target.SourceBucket)
+	queryValues.Set("update", "true")
+
+	reqData := requestData{
+		relPath:     adminAPIPrefix + "/set-remote-target",
+		queryValues: queryValues,
+		content:     encData,
+	}
+
+	// Execute PUT on /minio/admin/v3/set-remote-target to set a target for this bucket of specific arn type.
+	resp, err := adm.executeMethod(ctx, http.MethodPut, reqData)
+
+	defer closeResponse(resp)
+	if err != nil {
+		return "", err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return "", httpRespToErrorResponse(resp)
+	}
+	b, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return "", err
+	}
+	var arn string
+	if err = json.Unmarshal(b, &arn); err != nil {
+		return "", err
+	}
+	return arn, nil
+}
+
 // RemoveRemoteTarget removes a remote target associated with particular ARN for this bucket
 func (adm *AdminClient) RemoveRemoteTarget(ctx context.Context, bucket, arn string) error {
 	queryValues := url.Values{}