78 Commits (26cfd52e7e327caa380c136779e2a91ef3ffc088)

Author SHA1 Message Date
Anton Huck f833e41e69
IAM: Fix nil panic due to uninit. iamGroupPolicyMap. Fixes #9730 (#9734) 5 years ago
Harshavardhana 189c861835
fix: remove LDAP groups claim and store them on server (#9637) 5 years ago
Harshavardhana 814ddc0923
add missing admin actions, enhance AccountUsageInfo (#9607) 5 years ago
Harshavardhana 1756b7c6ff
fix: LDAP derivative accounts parentUser validation is not needed (#9573) 5 years ago
Harshavardhana f8edc233ab
support multiple policies for temporary users (#9550) 5 years ago
Harshavardhana b5ed42c845
ignore policy/group missing errors appropriately (#9559) 5 years ago
Harshavardhana 28f9c477a8
fix: assume parentUser correctly for serviceAccounts (#9504) 5 years ago
Harshavardhana 09571d03a5
avoid unnecessary logging in IAM (#9502) 5 years ago
Harshavardhana 1b122526aa
fix: add service account support for AssumeRole/LDAPIdentity creds (#9451) 5 years ago
Anis Elleuch 20766069a8
add list/delete API service accounts admin API (#9402) 5 years ago
Harshavardhana c82fa2c829
fix: load LDAP users appropriately (#9360) 5 years ago
Harshavardhana 37d066b563
fix: deprecate requirement of session token for service accounts (#9320) 5 years ago
Aditya Manthramurthy 6bb693488c
Fix policy setting error in LDAP setups (#9303) 5 years ago
Harshavardhana ac07df2985
start watcher after all creds have been loaded (#9301) 5 years ago
César Nieto 3ea1be3c52
allow delete of a group with no policy set (#9288) 5 years ago
Harshavardhana 2642e12d14
fix: change policies API to return and take struct (#9181) 5 years ago
Harshavardhana e7276b7b9b
fix: make single locks for both IAM and object-store (#9279) 5 years ago
Harshavardhana d8af244708
Add numeric/date policy conditions (#9233) 5 years ago
Anis Elleuch 791821d590
sa: Allow empty policy to indicate parent user's policy is inherited (#9185) 5 years ago
Harshavardhana ea18e51f4d
Support multiple LDAP OU's, smAccountName support (#9139) 5 years ago
Anis Elleuch 496f4a7dc7
Add service account type in IAM (#9029) 5 years ago
Harshavardhana ab7d3cd508
fix: Speed up multi-object delete by taking bulk locks (#8974) 5 years ago
Harshavardhana 16a6e68d7b
fix: indicate PutBucketEncryption as a valid policy action (#9009) 5 years ago
Anis Elleuch 52bdbcd046
Add new admin API to return Accounting Usage (#8689) 5 years ago
poornas 301c50b721
Add canned `diagnostics` policy for admin users (#8937) 5 years ago
Harshavardhana d76160c245
Initialize only one retry timer for all sub-systems (#8913) 5 years ago
Harshavardhana fe5d599802 fix: STS creds without "aud" should be honored with STS checks (#8868) 5 years ago
Aditya Manthramurthy 55063906b5 Fix group add/remove membership bug (#8877) 5 years ago
Harshavardhana abc1c1070a Add custom policy claim name (#8764) 5 years ago
Harshavardhana 99ad445260
Avoid double for loops in notification init (#8691) 5 years ago
Aditya Manthramurthy 01468d5a75 Fix user and policy deletion IAM commands (#8683) 5 years ago
Harshavardhana 586614c73f fix: temp credentials shouldn't allow policy/group changes (#8675) 5 years ago
Harshavardhana 3e9ab5f4a9
Fix k8s replica set deployment (#8629) 5 years ago
Harshavardhana c9940d8c3f Final changes to config sub-system (#8600) 5 years ago
Harshavardhana 26a866a202
Fix review comments and new changes in config (#8515) 5 years ago
Harshavardhana e9b2bf00ad Support MinIO to be deployed on more than 32 nodes (#8492) 5 years ago
Harshavardhana d97d53bddc
Honor etcd legacy v/s new config settings properly (#8510) 5 years ago
Harshavardhana 822eb5ddc7 Bring in safe mode support (#8478) 5 years ago
Harshavardhana 9e7a3e6adc Extend further validation of config values (#8469) 5 years ago
Harshavardhana ee4a6a823d Migrate config to KV data format (#8392) 5 years ago
Harshavardhana d48fd6fde9
Remove unusued params and functions (#8399) 5 years ago
Harshavardhana ff5bf51952 admin/heal: Fix deep healing to heal objects under more conditions (#8321) 5 years ago
Harshavardhana fd53057654 Add InfoCannedPolicy API to fetch only necessary policy (#8307) 5 years ago
Aditya Manthramurthy a0456ce940 LDAP STS API (#8091) 5 years ago
Aditya Manthramurthy 825e29f301 Check if user or group is disabled when evaluating policy (#8078) 5 years ago
Aditya Manthramurthy bf9b619d86 Set the policy mapping for a user or group (#8036) 5 years ago
Aditya Manthramurthy 5d2b5ee6a9 Refactor IAM to use new IAMStorageAPI (#7999) 5 years ago
kannappanr 930943f058
Fix IAM users migration regression in etcd (#8029) 5 years ago
Harshavardhana e6d8e272ce
Use const slashSeparator instead of "/" everywhere (#8028) 5 years ago
Harshavardhana b52b90412b Avoid data-transfer in distributed locking (#8004) 5 years ago