infrastructure/op_guide/backup_minio/README.md

71 lines
1.2 KiB
Markdown
Raw Normal View History

2022-01-26 18:09:26 +00:00
Add the admin account as `deuxfleurs` to your `~/.mc/config` file
You need to choose some names/identifiers:
```bash
export BUCKET_NAME=example
export NEW_ACCESS_KEY_ID=hello
export NEW_SECRET_ACCESS_KEY=$(openssl rand -base64 60)
export POLICY_NAME="policy-$BUCKET_NAME"
```
Create a new bucket:
```bash
mc mb deuxfleurs/$BUCKET_NAME
```
Create a new user:
```bash
mc admin user add deuxfleurs $NEW_ACCESS_KEY_ID $NEW_SECRET_ACCESS_KEY
```
Add this new user to your `~/.mc/config.json` file
---
Create a policy for this bucket and save it as json:
```bash
cat > /tmp/policy.json <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::${BUCKET_NAME}"
]
},
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::${BUCKET_NAME}/*"
]
}
]
}
```
Register it:
```bash
mc admin policy add deuxfleurs $POLICY_NAME /tmp/policy.json
```
Set it to your user:
```bash
mc admin policy set deuxfleurs $POLICY_NAME user=${NEW_ACCESS_KEY_ID}
```