minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-08-06 14:42:56 +03:00
Code Activity
Files
DOCS-860-part2a
docs/source/reference/minio-mc-admin/mc-admin-policy-create.rst
Daryl White 840417a6f7 Doc updates for mc RELEASE.2023-03-20T17-17-53Z (#799) 
- Adds note that `mc support proxy set|remove` no longer require
registration
- Adds info about stale ARNs for `mc replicate status` command
- Additional information for --dry-run flag in `mc rm`
- Thoroughly updates and restructures `mc admin policy` commands
- Adds new `mc batch cancel` command
- Updates deprecated commands for newly deprecated mc admin policy
functions
- Fixes toctree on mc admin page to allow for mc admin policy subcommand
nesting

Closes #766

Other fixes not part of the release:
- Updates `--fake` flag on `mc rm` to `--dry-run`
- Updates `--fake` flag on `mc mirror` to `--dry-run`
2023-04-05 10:50:40 -05:00

2.8 KiB
Raw Permalink Blame History

mc admin policy create

minio

Table of Contents

mc admin policy create

Syntax

Creates a new policy on the target MinIO deployment.

MinIO deployments include the following built-in policies <minio-policy-built-in> by default:

  • readonly
  • readwrite
  • diagnostics
  • writeonly

EXAMPLE

Consider the following JSON policy document saved at a file called /tmp/listmybuckets.json:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "s3:ListAllMyBuckets"
         ],
         "Resource": [
            "arn:aws:s3:::*"
         ]
      }
   ]
}

The following command creates a new policy called listmybuckets on the alias myminio using the policy found at the file /tmp/listmybuckets.json.

mc admin policy create myminio listmybuckets /tmp/listmybuckets.json

SYNTAX

The command has the following syntax:

mc admin policy create     \
                TARGET     \
                POLICYNAME \
                POLICYPATH

Parameters

The mc admin policy create command accepts the following arguments:

TARGET

The alias <mc alias> of a configured MinIO deployment on which to add the new policy.

POLICYNAME

The name of the policy to add.

Specifying the name of an existing policy overwrites that policy on the ~mc admin policy create TARGET MinIO deployment.

POLICYPATH

The file path of the policy to add. The file must be a JSON-formatted file with IAM-compatible syntax <reference_policies.html>.

Global Flags

Examples

Create a new policy called writeonly from the JSON file at /tmp/writeonly.json on the deployment at the alias myminio.

mc admin policy create myminio writeonly /tmp/writeonly.json