azure: Specify different Azure storage in the shell env (#10943)

AZURE_STORAGE_ACCOUNT and AZURE_STORAGE_KEY are used in 
azure CLI to specify the azure blob storage access & secret keys. With this commit, 
it is possible to set them if you want the gateway's own credentials to be
different from the Azure blob credentials.

Co-authored-by: Harshavardhana <harsha@minio.io>
This commit is contained in:
Anis Elleuch 2020-11-24 01:45:56 +01:00 committed by GitHub
parent 519c0077a9
commit 75a8e81f8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 0 deletions

View File

@ -173,6 +173,16 @@ func (g *Azure) Name() string {
// NewGatewayLayer initializes azure blob storage client and returns AzureObjects.
func (g *Azure) NewGatewayLayer(creds auth.Credentials) (minio.ObjectLayer, error) {
var err error
// Override credentials from the Azure storage environment variables if specified
if acc, key := env.Get("AZURE_STORAGE_ACCOUNT", creds.AccessKey), env.Get("AZURE_STORAGE_KEY", creds.SecretKey); acc != "" && key != "" {
creds, err = auth.CreateCredentials(acc, key)
if err != nil {
return nil, err
}
}
endpointURL, err := parseStorageEndpoint(g.host, creds.AccessKey)
if err != nil {
return nil, err

View File

@ -36,6 +36,10 @@ mc ls myazure
[2017-02-26 22:10:11 PST] 0B test-container1/
```
### Use custom access/secret keys
If you do not want to share the credentials of the Azure blob storage with your users/applications, you can set the original credentials in the shell environment using `AZURE_STORAGE_ACCOUNT` and `AZURE_STORAGE_KEY` variables and assign different access/secret keys to `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY`.
### Known limitations
Gateway inherits the following Azure limitations: