storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/madmin/examples/add-user-and-policy.go

storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/madmin/examples/add-user-and-policy.go (about)

     1  //go:build ignore
     2  // +build ignore
     3  
     4  /*
     5   * MinIO Cloud Storage, (C) 2017 MinIO, Inc.
     6   *
     7   * Licensed under the Apache License, Version 2.0 (the "License");
     8   * you may not use this file except in compliance with the License.
     9   * You may obtain a copy of the License at
    10   *
    11   *     http://www.apache.org/licenses/LICENSE-2.0
    12   *
    13   * Unless required by applicable law or agreed to in writing, software
    14   * distributed under the License is distributed on an "AS IS" BASIS,
    15   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    16   * See the License for the specific language governing permissions and
    17   * limitations under the License.
    18   *
    19   */
    20  
    21  package main
    22  
    23  import (
    24  	"context"
    25  	"log"
    26  
    27  	"storj.io/minio/pkg/bucket/policy"
    28  	"storj.io/minio/pkg/bucket/policy/condition"
    29  	iampolicy "storj.io/minio/pkg/iam/policy"
    30  	"storj.io/minio/pkg/madmin"
    31  )
    32  
    33  func main() {
    34  	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
    35  	// dummy values, please replace them with original values.
    36  
    37  	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY are
    38  	// dummy values, please replace them with original values.
    39  
    40  	// API requests are secure (HTTPS) if secure=true and insecure (HTTP) otherwise.
    41  	// New returns an MinIO Admin client object.
    42  	madmClnt, err := madmin.New("your-minio.example.com:9000", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
    43  	if err != nil {
    44  		log.Fatalln(err)
    45  	}
    46  
    47  	if err = madmClnt.AddUser(context.Background(), "newuser", "newstrongpassword"); err != nil {
    48  		log.Fatalln(err)
    49  	}
    50  
    51  	// Create policy
    52  	p := iampolicy.Policy{
    53  		Version: iampolicy.DefaultVersion,
    54  		Statements: []iampolicy.Statement{
    55  			iampolicy.NewStatement(
    56  				policy.Allow,
    57  				iampolicy.NewActionSet(iampolicy.GetObjectAction),
    58  				iampolicy.NewResourceSet(iampolicy.NewResource("testbucket/*", "")),
    59  				condition.NewFunctions(),
    60  			)},
    61  	}
    62  
    63  	if err = madmClnt.AddCannedPolicy(context.Background(), "get-only", &p); err != nil {
    64  		log.Fatalln(err)
    65  	}
    66  
    67  	if err = madmClnt.SetUserPolicy(context.Background(), "newuser", "get-only"); err != nil {
    68  		log.Fatalln(err)
    69  	}
    70  }