103 Commits (8cad407e0b011e05e34f3aca8093dfdb4a2630dc)

Author SHA1 Message Date
Harshavardhana 95e0acbb26
fix: allow accountInfo with creds with parentUsers (#11568) 4 years ago
Harshavardhana 5c6bfae4c7
fix: load credentials from etcd directly when possible (#11339) 4 years ago
Harshavardhana a5e23a40ff
fix: allow delayed etcd updates to have fallbacks (#11151) 4 years ago
Harshavardhana a6dee21092
initialize IAM store before Init() to avoid any crash (#11236) 4 years ago
Harshavardhana 9c53cc1b83
fix: heal multiple buckets in bulk (#11029) 4 years ago
Harshavardhana e6fa410778
fix: allow accountInfo, addUser and getUserInfo implicit (#10978) 4 years ago
Steven Reitsma 4683a623dc
fix: negative STS IAM token TTL value (#10866) 4 years ago
Harshavardhana 97692bc772
re-route requests if IAM is not initialized (#10850) 4 years ago
Harshavardhana 71753e21e0
add missing TTL for STS credentials on etcd (#10828) 4 years ago
Klaus Post 2294e53a0b
Don't retain context in locker (#10515) 4 years ago
Harshavardhana 68de5a6f6a
fix: IAM store fallback to list users and policies from disk (#10787) 4 years ago
Poorna Krishnamoorthy 5cc23ae052
validate if iam store is initialized (#10719) 4 years ago
Harshavardhana b07df5cae1
initialize IAM as soon as object layer is initialized (#10700) 4 years ago
Harshavardhana 2760fc86af
Bump default idleConnsPerHost to control conns in time_wait (#10653) 4 years ago
Harshavardhana a0d0645128
remove safeMode behavior in startup (#10645) 4 years ago
Klaus Post c851e022b7
Tweaks to dynamic locks (#10508) 4 years ago
Harshavardhana e57c742674
use single dynamic timeout for most locked API/heal ops (#10275) 4 years ago
Harshavardhana e7ba78beee
use GlobalContext instead of context.Background when possible (#10254) 4 years ago
Harshavardhana e656beb915
feat: allow service accounts to be generated with OpenID STS (#10184) 4 years ago
Harshavardhana fe157166ca
fix: Pass context all the way down to the network call in lockers (#10161) 4 years ago
Harshavardhana 7764c542f2
allow claims to be optional in STS (#10078) 4 years ago
Anis Elleuch 778e9c864f
Move dependency from minio-go v6 to v7 (#10042) 4 years ago
Harshavardhana 4915433bd2
Support bucket versioning (#9377) 5 years ago
Harshavardhana 96ed0991b5
fix: optimize IAM users load, add fallback (#9809) 5 years ago
Harshavardhana 4790868878
allow background IAM load to speed up startup (#9796) 5 years ago
Anton Huck f833e41e69
IAM: Fix nil panic due to uninit. iamGroupPolicyMap. Fixes #9730 (#9734) 5 years ago
Harshavardhana 189c861835
fix: remove LDAP groups claim and store them on server (#9637) 5 years ago
Harshavardhana 814ddc0923
add missing admin actions, enhance AccountUsageInfo (#9607) 5 years ago
Harshavardhana 1756b7c6ff
fix: LDAP derivative accounts parentUser validation is not needed (#9573) 5 years ago
Harshavardhana f8edc233ab
support multiple policies for temporary users (#9550) 5 years ago
Harshavardhana b5ed42c845
ignore policy/group missing errors appropriately (#9559) 5 years ago
Harshavardhana 28f9c477a8
fix: assume parentUser correctly for serviceAccounts (#9504) 5 years ago
Harshavardhana 09571d03a5
avoid unnecessary logging in IAM (#9502) 5 years ago
Harshavardhana 1b122526aa
fix: add service account support for AssumeRole/LDAPIdentity creds (#9451) 5 years ago
Anis Elleuch 20766069a8
add list/delete API service accounts admin API (#9402) 5 years ago
Harshavardhana c82fa2c829
fix: load LDAP users appropriately (#9360) 5 years ago
Harshavardhana 37d066b563
fix: deprecate requirement of session token for service accounts (#9320) 5 years ago
Aditya Manthramurthy 6bb693488c
Fix policy setting error in LDAP setups (#9303) 5 years ago
Harshavardhana ac07df2985
start watcher after all creds have been loaded (#9301) 5 years ago
César Nieto 3ea1be3c52
allow delete of a group with no policy set (#9288) 5 years ago
Harshavardhana 2642e12d14
fix: change policies API to return and take struct (#9181) 5 years ago
Harshavardhana e7276b7b9b
fix: make single locks for both IAM and object-store (#9279) 5 years ago
Harshavardhana d8af244708
Add numeric/date policy conditions (#9233) 5 years ago
Anis Elleuch 791821d590
sa: Allow empty policy to indicate parent user's policy is inherited (#9185) 5 years ago
Harshavardhana ea18e51f4d
Support multiple LDAP OU's, smAccountName support (#9139) 5 years ago
Anis Elleuch 496f4a7dc7
Add service account type in IAM (#9029) 5 years ago
Harshavardhana ab7d3cd508
fix: Speed up multi-object delete by taking bulk locks (#8974) 5 years ago
Harshavardhana 16a6e68d7b
fix: indicate PutBucketEncryption as a valid policy action (#9009) 5 years ago
Anis Elleuch 52bdbcd046
Add new admin API to return Accounting Usage (#8689) 5 years ago
poornas 301c50b721
Add canned `diagnostics` policy for admin users (#8937) 5 years ago