MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,495 Commits 5 Branches 503 Tags 186 MiB
Commit Graph

6 Commits

Author SHA1 Message Date
Harshavardhana 8757c963ba
Migrate all Peer communication to common Notification subsystem (#7031) 
Deprecate the use of Admin Peers concept and migrate all peer
communication to Notification subsystem. This finally allows
for a common subsystem for all peer notification in case of
distributed server deployments.
 2019-01-14 12:14:20 +05:30
Harshavardhana 2d19011a1d Add support for AssumeRoleWithWebIdentity (#6985) 2019-01-04 13:48:12 -08:00
Harshavardhana 9e3fce441e Audit log claims from token (#6847) 2018-11-22 09:33:24 +05:30
Harshavardhana 7e879a45d5 Add policy claim support for JWT (#6660) 
This way temporary credentials can use canned
policies on the server without configuring OPA.
 2018-10-29 11:08:59 -07:00
Harshavardhana 23b166b318 Remove applying custom policies with STS access keys (#6626) 
Move away from allowing custom policies, all policies in
STS come from OPA otherwise they fail.
 2018-10-15 12:44:03 -07:00
Harshavardhana 54ae364def Introduce STS client grants API and OPA policy integration (#6168) 
This PR introduces two new features

- AWS STS compatible STS API named AssumeRoleWithClientGrants

```
POST /?Action=AssumeRoleWithClientGrants&Token=<jwt>
```

This API endpoint returns temporary access credentials, access
tokens signature types supported by this API

  - RSA keys
  - ECDSA keys

Fetches the required public key from the JWKS endpoints, provides
them as rsa or ecdsa public keys.

- External policy engine support, in this case OPA policy engine

- Credentials are stored on disks
 2018-10-09 14:00:01 -07:00