oyd
/
minio
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adds info on policy for STS authentication using web-id (#9289)

Browse Source
master
ebozduman 5 years ago committed by GitHub
parent f4e779c964
commit a78731a3ba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 18
      docs/sts/web-identity.md

18
docs/sts/web-identity.md
Unescape View File

@ -112,6 +112,24 @@ $ go run web-identity.go -cid 204367807228-ok7601k6gj1pgge7m09h7d79co8p35xx.apps
2018/12/26 17:49:36 listening on http://localhost:8080/
```
Note: For a reasonable test outcome, make sure the assumed user has at least permission/policy to list all buckets. That policy would look like below:
```
{
"version": "2012-10-17",
"statement": [
{
"effect": "Allow",
"action": [
"s3:ListAllMyBuckets"
],
"resource": [
"arn:aws:s3:::*"
]
}
]
}
```
## Authorization Flow
- Visit http://localhost:8080, login will direct the user to the Google OAuth2 Auth URL to obtain a permission grant.

Write Preview
Loading…
Cancel
Save