mirror of
https://github.com/pgsty/minio.git
synced 2026-07-19 20:20:25 +03:00
Introduce STS client grants API and OPA policy integration (#6168)
This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
This commit is contained in:
committed by
kannappanr
parent
16a100b597
commit
54ae364def
@@ -0,0 +1,4 @@
|
||||
export MINIO_ACCESS_KEY=minio
|
||||
export MINIO_SECRET_KEY=minio123
|
||||
export MINIO_IAM_JWKS_URL=http://localhost:9763/oauth2/jwks
|
||||
export MINIO_IAM_OPA_URL=http://localhost:8181/v1/data/httpapi/authz
|
||||
Reference in New Issue
Block a user