infrastructure/op_guide/backup_minio/README.md

Add the admin account as `deuxfleurs` to your `~/.mc/config` file

You need to choose some names/identifiers:

```bash
export BUCKET_NAME=example
export NEW_ACCESS_KEY_ID=hello

export NEW_SECRET_ACCESS_KEY=$(openssl rand -base64 60)
export POLICY_NAME="policy-$BUCKET_NAME"
```

Create a new bucket:

```bash
mc mb deuxfleurs/$BUCKET_NAME
```

Create a new user:

```bash
mc admin user add deuxfleurs $NEW_ACCESS_KEY_ID $NEW_SECRET_ACCESS_KEY
```

Add this new user to your `~/.mc/config.json` file

---

Create a policy for this bucket and save it as json:

```bash
cat > /tmp/policy.json <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET_NAME}"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET_NAME}/*"
            ]
        }
    ]
}
```

Register it:

```bash
mc admin policy add deuxfleurs $POLICY_NAME /tmp/policy.json
```

Set it to your user:

```bash
mc admin policy set deuxfleurs $POLICY_NAME user=${NEW_ACCESS_KEY_ID}
```