minio/docker-compose.yml at d1e41695fe8481aabefc9fe186fa29a4740036fa - minio - Leffler.Media Gitea

MyFavMirrors/minio

mirror of https://github.com/minio/minio.git synced 2024-12-25 22:55:54 -05:00

Harshavardhana 54ae364def Introduce STS client grants API and OPA policy integration (#6168 )

This PR introduces two new features

- AWS STS compatible STS API named AssumeRoleWithClientGrants

```
POST /?Action=AssumeRoleWithClientGrants&Token=<jwt>
```

This API endpoint returns temporary access credentials, access
tokens signature types supported by this API

  - RSA keys
  - ECDSA keys

Fetches the required public key from the JWKS endpoints, provides
them as rsa or ecdsa public keys.

- External policy engine support, in this case OPA policy engine

- Credentials are stored on disks

2018-10-09 14:00:01 -07:00

18 lines

354 B

YAML

Raw Blame History

 version: '2'
 services:
   opa:
     image: openpolicyagent/opa:0.9.1
     ports:
       - 8181:8181
     command:
       - "run"
       - "--server"
       - "--log-level=debug"
   api_server:
     image: openpolicyagent/demo-restful-api:0.2
     ports:
       - 5000:5000
     environment:
       - OPA_ADDR=http://opa:8181
       - POLICY_PATH=/v1/data/httpapi/authz