mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
examples: support configuration of a session policy file (#15078)
This commit is contained in:
parent
0d00f3a55b
commit
ce894665a8
@ -24,8 +24,10 @@ import (
|
||||
"context"
|
||||
"flag"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net/url"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/minio/minio-go/v7"
|
||||
@ -60,7 +62,7 @@ func init() {
|
||||
flag.BoolVar(&displayCreds, "d", false, "Only show generated credentials")
|
||||
flag.DurationVar(&expiryDuration, "e", 0, "Request a duration of validity for the generated credential")
|
||||
flag.StringVar(&bucketToList, "b", "", "Bucket to list (defaults to username)")
|
||||
// flag.StringVar(&sessionPolicyFile, "s", "", "File containing session policy to apply to the STS request")
|
||||
flag.StringVar(&sessionPolicyFile, "s", "", "File containing session policy to apply to the STS request")
|
||||
}
|
||||
|
||||
func main() {
|
||||
@ -77,21 +79,20 @@ func main() {
|
||||
var stsOpts cr.STSAssumeRoleOptions
|
||||
stsOpts.AccessKey = minioUsername
|
||||
stsOpts.SecretKey = minioPassword
|
||||
// FIXME: add support for passing this in minio-go
|
||||
// if sessionPolicyFile != "" {
|
||||
// var policy string
|
||||
// if f, err := os.Open(sessionPolicyFile); err != nil {
|
||||
// log.Fatalf("Unable to open session policy file: %v", sessionPolicyFile, err)
|
||||
// } else {
|
||||
// bs, err := ioutil.ReadAll(f)
|
||||
// if err != nil {
|
||||
// log.Fatalf("Error reading session policy file: %v", err)
|
||||
// }
|
||||
// policy = string(bs)
|
||||
// }
|
||||
// opts
|
||||
// ldapOpts = append(ldapOpts, cr.LDAPIdentityPolicyOpt(policy))
|
||||
// }
|
||||
|
||||
if sessionPolicyFile != "" {
|
||||
var policy string
|
||||
if f, err := os.Open(sessionPolicyFile); err != nil {
|
||||
log.Fatalf("Unable to open session policy file: %v", err)
|
||||
} else {
|
||||
bs, err := ioutil.ReadAll(f)
|
||||
if err != nil {
|
||||
log.Fatalf("Error reading session policy file: %v", err)
|
||||
}
|
||||
policy = string(bs)
|
||||
}
|
||||
stsOpts.Policy = policy
|
||||
}
|
||||
if expiryDuration != 0 {
|
||||
stsOpts.DurationSeconds = int(expiryDuration.Seconds())
|
||||
}
|
||||
@ -126,7 +127,7 @@ func main() {
|
||||
// Use generated credentials to authenticate with MinIO server
|
||||
minioClient, err := minio.New(stsEndpointURL.Host, opts)
|
||||
if err != nil {
|
||||
log.Fatalf("Error initializing client: ", err)
|
||||
log.Fatalf("Error initializing client: %v", err)
|
||||
}
|
||||
|
||||
// Use minIO Client object normally like the regular client.
|
||||
|
2
go.mod
2
go.mod
@ -49,7 +49,7 @@ require (
|
||||
github.com/minio/highwayhash v1.0.2
|
||||
github.com/minio/kes v0.19.2
|
||||
github.com/minio/madmin-go v1.3.14
|
||||
github.com/minio/minio-go/v7 v7.0.27
|
||||
github.com/minio/minio-go/v7 v7.0.28
|
||||
github.com/minio/pkg v1.1.24
|
||||
github.com/minio/selfupdate v0.4.0
|
||||
github.com/minio/sha256-simd v1.0.0
|
||||
|
4
go.sum
4
go.sum
@ -633,8 +633,8 @@ github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77Z
|
||||
github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
|
||||
github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
|
||||
github.com/minio/minio-go/v7 v7.0.23/go.mod h1:ei5JjmxwHaMrgsMrn4U/+Nmg+d8MKS1U2DAn1ou4+Do=
|
||||
github.com/minio/minio-go/v7 v7.0.27 h1:yJCvm78B+2+ll1PqO9eSD1as6Ibw3IYnnD8PyBEB2zo=
|
||||
github.com/minio/minio-go/v7 v7.0.27/go.mod h1:x81+AX5gHSfCSqw7jxRKHvxUXMlE5uKX0Vb75Xk5yYg=
|
||||
github.com/minio/minio-go/v7 v7.0.28 h1:VMr3K5qGIEt+/KW3poopRh8mzi5RwuCjmrmstK196Fg=
|
||||
github.com/minio/minio-go/v7 v7.0.28/go.mod h1:x81+AX5gHSfCSqw7jxRKHvxUXMlE5uKX0Vb75Xk5yYg=
|
||||
github.com/minio/pkg v1.1.20/go.mod h1:Xo7LQshlxGa9shKwJ7NzQbgW4s8T/Wc1cOStR/eUiMY=
|
||||
github.com/minio/pkg v1.1.24 h1:a2RCb6LgsCi9DvrripuvlFQRCNb5Hp1HIssnsUqLoZY=
|
||||
github.com/minio/pkg v1.1.24/go.mod h1:z9PfmEI804KFkF6eY4LoGe8IDVvTCsYGVuaf58Dr0WI=
|
||||
|
Loading…
Reference in New Issue
Block a user