mirror of
https://github.com/minio/minio.git
synced 2024-12-24 22:25:54 -05:00
Add consoleAdmin as a default canned policy (#11770)
This commit is contained in:
parent
75db500e85
commit
7fa3e4106b
@ -2089,6 +2089,10 @@ func setDefaultCannedPolicies(policies map[string]iampolicy.Policy) {
|
||||
if !ok {
|
||||
policies["diagnostics"] = iampolicy.AdminDiagnostics
|
||||
}
|
||||
_, ok = policies["consoleAdmin"]
|
||||
if !ok {
|
||||
policies["consoleAdmin"] = iampolicy.Admin
|
||||
}
|
||||
}
|
||||
|
||||
// buildUserGroupMemberships - builds the memberships map. IMPORTANT:
|
||||
|
@ -18,6 +18,7 @@ package iampolicy
|
||||
|
||||
import (
|
||||
"github.com/minio/minio/pkg/bucket/policy"
|
||||
"github.com/minio/minio/pkg/bucket/policy/condition"
|
||||
)
|
||||
|
||||
// Policy claim constants
|
||||
@ -80,3 +81,24 @@ var AdminDiagnostics = Policy{
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
// Admin - provides admin all-access canned policy
|
||||
var Admin = Policy{
|
||||
Version: DefaultVersion,
|
||||
Statements: []Statement{
|
||||
{
|
||||
SID: policy.ID(""),
|
||||
Effect: policy.Allow,
|
||||
Actions: NewActionSet(AllAdminActions),
|
||||
Resources: NewResourceSet(),
|
||||
Conditions: condition.NewFunctions(),
|
||||
},
|
||||
{
|
||||
SID: policy.ID(""),
|
||||
Effect: policy.Allow,
|
||||
Actions: NewActionSet(AllActions),
|
||||
Resources: NewResourceSet(NewResource("*", "")),
|
||||
Conditions: condition.NewFunctions(),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user