examples: support configuration of a session policy file (#15078)

George Costea
2022-06-13 18:36:58 -04:00
committed by GitHub
parent 0d00f3a55b
commit ce894665a8
3 changed files with 21 additions and 20 deletions


@@ -24,8 +24,10 @@ import (
"context"
"flag"
"fmt"
"io/ioutil"
"log"
"net/url"
"os"
"time"
"github.com/minio/minio-go/v7"
@@ -60,7 +62,7 @@ func init() {
flag.BoolVar(&displayCreds, "d", false, "Only show generated credentials")
flag.DurationVar(&expiryDuration, "e", 0, "Request a duration of validity for the generated credential")
flag.StringVar(&bucketToList, "b", "", "Bucket to list (defaults to username)")
// flag.StringVar(&sessionPolicyFile, "s", "", "File containing session policy to apply to the STS request")
flag.StringVar(&sessionPolicyFile, "s", "", "File containing session policy to apply to the STS request")
}
func main() {
@@ -77,21 +79,20 @@ func main() {
var stsOpts cr.STSAssumeRoleOptions
stsOpts.AccessKey = minioUsername
stsOpts.SecretKey = minioPassword
// FIXME: add support for passing this in minio-go
// if sessionPolicyFile != "" {
// var policy string
// if f, err := os.Open(sessionPolicyFile); err != nil {
// log.Fatalf("Unable to open session policy file: %v", sessionPolicyFile, err)
// } else {
// bs, err := ioutil.ReadAll(f)
// if err != nil {
// log.Fatalf("Error reading session policy file: %v", err)
// }
// policy = string(bs)
// }
// opts
// ldapOpts = append(ldapOpts, cr.LDAPIdentityPolicyOpt(policy))
// }
if sessionPolicyFile != "" {
var policy string
if f, err := os.Open(sessionPolicyFile); err != nil {
log.Fatalf("Unable to open session policy file: %v", err)
} else {
bs, err := ioutil.ReadAll(f)
if err != nil {
log.Fatalf("Error reading session policy file: %v", err)
}
policy = string(bs)
}
stsOpts.Policy = policy
}
if expiryDuration != 0 {
stsOpts.DurationSeconds = int(expiryDuration.Seconds())
}
@@ -126,7 +127,7 @@ func main() {
// Use generated credentials to authenticate with MinIO server
minioClient, err := minio.New(stsEndpointURL.Host, opts)
if err != nil {
log.Fatalf("Error initializing client: ", err)
log.Fatalf("Error initializing client: %v", err)
}
// Use minIO Client object normally like the regular client.
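Review bot: The new `if sessionPolicyFile != ""` block in main assigns whatever was read to `stsOpts.Policy` without checking it, so an empty file leaves the policy as `""` and the STS request is presumably sent with no session policy at all. A user who passed `-s` to restrict the generated credentials would then get credentials that are not restricted, with no warning. The example should fail closed here, for instance with `if len(bs) == 0 { log.Fatalf("Session policy file %s is empty", sessionPolicyFile) }` before the assignment. The handle returned by `os.Open` is also never closed; `bs, err := ioutil.ReadFile(sessionPolicyFile)` would replace the Open/ReadAll pair and remove the `else` branch. main's body starts before and continues after the hunks shown.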