Menu
We have a minio server. Until now anonymous users were not able to do anything.
Now we want to allow them to download object when they know the path. e.g. https://minio.example.com/minio/download/image-bucket/cf1c42ad182849308c790d98dd89638f.png
I read that the command line mc and the web UI were not able to do this. I didn't found out how to achieve it without both tools.
What I did is create a new policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::images-live/*"
],
"Sid": ""
}
]
}
And adding it to the minio server with mc admin policy add minio getonly-policy policy-test.json.
Now I'm suppose to attach this to a user. How can I achieve this to attach it to an anonymous user?
313
MinIO Client (mc) provides a modern alternative to UNIX commands like ls, cat, cp, mirror, diff etc. It supports filesystems and Amazon S3 compatible cloud storage service (AWS Signature v2 and v4).
To create service accounts for OpenID Connect-managed users, log into the MinIO Console and generate the service account through the UI. MinIO does not support using mc admin commands with other S3-compatible services, regardless of their claimed compatibility with MinIO deployments.
You can use
mc policy set download play/test
Access permission for `play/test` is set to `download`
This will allow you to download objects. If you want to customize, please use mc policy set-json command
curl https://play.minio.io:9000/test/issue
Ubuntu 18.04.2 LTS \n \l
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
