46 Commits (59829658391d020c30c46d89f616d754032cf7db)

Author SHA1 Message Date
Harshavardhana 97692bc772
re-route requests if IAM is not initialized (#10850) 4 years ago
Harshavardhana bda0fe3150
fix: allow LDAP identity to support form body POST (#10468) 4 years ago
Harshavardhana 4b6585d249
support 'ldap:user' variable replacement properly (#10391) 4 years ago
Harshavardhana ede86845e5
docs: Add policy variables for resource and conditions (#10278) 4 years ago
Harshavardhana e656beb915
feat: allow service accounts to be generated with OpenID STS (#10184) 4 years ago
Harshavardhana 27266f8a54
fix: if OPA set do not enforce policy claim (#10149) 4 years ago
Harshavardhana 7764c542f2
allow claims to be optional in STS (#10078) 4 years ago
Harshavardhana ba756cf366
fix: extract array type for policy claim if present (#10014) 5 years ago
Harshavardhana d93bdea433
fix remove LDAPPassword from audit logs (#9773) 5 years ago
Harshavardhana 7cedc5369d
fix: send valid claims in AuditLogs for browser requests (#9713) 5 years ago
ebozduman 2896e780ae
fixes misleading assume role error msgs (#9642) 5 years ago
Harshavardhana 189c861835
fix: remove LDAP groups claim and store them on server (#9637) 5 years ago
Harshavardhana 1b122526aa
fix: add service account support for AssumeRole/LDAPIdentity creds (#9451) 5 years ago
Anis Elleuch 791821d590
sa: Allow empty policy to indicate parent user's policy is inherited (#9185) 5 years ago
Harshavardhana ea18e51f4d
Support multiple LDAP OU's, smAccountName support (#9139) 5 years ago
Harshavardhana 09d35d3b4c
fix: sts to return appropriate errors (#9161) 5 years ago
Anis Elleuch 496f4a7dc7
Add service account type in IAM (#9029) 5 years ago
Harshavardhana 1330e59307
accessKeyId missing should return appropriate error in AssumeRole (#9048) 5 years ago
Harshavardhana abc1c1070a Add custom policy claim name (#8764) 5 years ago
Harshavardhana d8e3de0cae Ensure comment is always a valid key (#8604) 5 years ago
Harshavardhana 5d3d57c12a
Start using error wrapping with fmt.Errorf (#8588) 5 years ago
Harshavardhana b21835f195 Honor DurationSeconds properly for WebIdentity (#8581) 5 years ago
Harshavardhana ee4a6a823d Migrate config to KV data format (#8392) 5 years ago
Harshavardhana 589e32a4ed Refactor config and split them in packages (#8351) 5 years ago
Harshavardhana fb1374f2f7 Rename iam/validator -> iam/openid and add tests (#8340) 5 years ago
poornas 5c2af3f792 Add more context to error messages in STS handlers(#8304) 5 years ago
Harshavardhana 77dc2031a2 Fix LDAP responseXML to be named appropriately (#8285) 5 years ago
Aditya Manthramurthy a0456ce940 LDAP STS API (#8091) 5 years ago
Harshavardhana e6d8e272ce
Use const slashSeparator instead of "/" everywhere (#8028) 5 years ago
Andreas Auernhammer f6d0645a3c fix DoS vulnerability in the content SHA-256 processing (#8026) 5 years ago
Aditya Manthramurthy 414a7eca83 Add IAM groups support (#7981) 5 years ago
Aditya Manthramurthy 7bdaf9bc50 Update on-disk storage format for users system (#7949) 5 years ago
Harshavardhana c43f745449
Ensure that we use constants everywhere (#7845) 6 years ago
Harshavardhana 1af6e8cb72
Add support for session policies in STS APIs (#7747) 6 years ago
Harshavardhana 6d89435356 Reload a specific user or policy on peers (#7705) 6 years ago
Harshavardhana 35d19a4ae2 Fix STS AssumeRole route conflict with MultipartUpload (#7574) 6 years ago
kannappanr 5ecac91a55
Replace Minio refs in docs with MinIO and links (#7494) 6 years ago
Harshavardhana c3ca954684 Implement AssumeRole API for Minio users (#7267) 6 years ago
Harshavardhana 8f62935448 Add proper requestID for STS errors (#7245) 6 years ago
Harshavardhana e4081aee62 Added support for reading body in STS API (#7188) 6 years ago
Harshavardhana 8757c963ba
Migrate all Peer communication to common Notification subsystem (#7031) 6 years ago
Harshavardhana 2d19011a1d Add support for AssumeRoleWithWebIdentity (#6985) 6 years ago
Harshavardhana 9e3fce441e Audit log claims from token (#6847) 6 years ago
Harshavardhana 7e879a45d5 Add policy claim support for JWT (#6660) 6 years ago
Harshavardhana 23b166b318 Remove applying custom policies with STS access keys (#6626) 6 years ago
Harshavardhana 54ae364def Introduce STS client grants API and OPA policy integration (#6168) 6 years ago