minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-08-06 14:42:56 +03:00
Code Activity
Files
DOCS-860-part2a
docs/source/reference/minio-mc-admin/mc-admin-policy-entities.rst
Daryl White 840417a6f7 Doc updates for mc RELEASE.2023-03-20T17-17-53Z (#799) 
- Adds note that `mc support proxy set|remove` no longer require
registration
- Adds info about stale ARNs for `mc replicate status` command
- Additional information for --dry-run flag in `mc rm`
- Thoroughly updates and restructures `mc admin policy` commands
- Adds new `mc batch cancel` command
- Updates deprecated commands for newly deprecated mc admin policy
functions
- Fixes toctree on mc admin page to allow for mc admin policy subcommand
nesting

Closes #766

Other fixes not part of the release:
- Updates `--fake` flag on `mc rm` to `--dry-run`
- Updates `--fake` flag on `mc mirror` to `--dry-run`
2023-04-05 10:50:40 -05:00

182 lines
5.5 KiB
ReStructuredText
Raw Permalink Blame History

============================
``mc admin policy entities``
============================
.. default-domain:: minio
.. contents:: Table of Contents
:local:
:depth: 2
.. mc:: mc admin policy entities
Syntax
------
.. start-mc-admin-policy-entities-desc
List the entities associated with a policy, user, or group on a target MinIO deployment.
.. end-mc-admin-policy-entities-desc
For example, you can list all of the users and groups attached to a policy or list all of the policies attached to a specific user or group.
.. tab-set::
.. tab-item:: EXAMPLE
The following command returns a list of the policies associated with the user ``bob`` on the deployment at alias ``myminio``.
.. code-block:: shell
:class: copyable
mc admin policy entities myminio/ --user bob
.. tab-item:: SYNTAX
The command has the following syntax:
.. code-block:: shell
:class: copyable
mc admin policy entities \
TARGET \
[--user value] \
[--group value] \
[--policy value]
.. include:: /includes/common-minio-mc.rst
:start-after: start-minio-syntax
:end-before: end-minio-syntax
Parameters
~~~~~~~~~~
The :mc-cmd:`mc admin policy entities` command accepts the following arguments:
.. mc-cmd:: TARGET
:required:
The :mc-cmd:`alias <mc alias>` of a configured MinIO deployment on which to add the new policy.
.. mc-cmd:: --group
:optional:
The name of the group identity for which you want to list attached policies.
You may include multiple groups by repeating the flag multiple times.
The command returns each group with a list of associated entities.
.. mc-cmd:: --policy
:optional:
The name of a policy for which to list associated entities.
You may include multiple policies by repeating the flag multiple times.
The command returns each policy with a list of all associated entities.
.. mc-cmd:: --user
:optional:
The username of the identity for which you want to list attached policies.
You may include multiple users by repeating the flag multiple times.
The command returns each user with a list of associated policies.
Global Flags
~~~~~~~~~~~~
.. include:: /includes/common-minio-mc.rst
:start-after: start-minio-mc-globals
:end-before: end-minio-mc-globals
Examples
--------
List all entities and policy associations for a deployment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following command lists all policies and the entity mappings associated with them on the deployment at alias ``myminio``.
.. code-block:: shell
:class: copyable
mc admin policy entities myminio/
List entities associated with two different policies
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following command lists all entities associated with the policies ``inteam-policy`` and ``mlteam-policy`` on the deployment at alias ``myminio``.
.. code-block:: shell
:class: copyable
mc admin policy entities myminio/ --policy finteam-policy --policy mlteam-policy
List policies associated with two different users
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following command lists all policies associated with the users ``bob`` and ``james`` on the deployment at alias ``myminio``.
The command outputs the list of policies associated with ``bob`` then the list of policies associated with ``james`` on the deployment at alias ``myminio``.
.. code-block:: shell
:class: copyable
mc admin policy entities myminio/ --user bob --user james
List policies associated with two different groups
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following command lists all policies associated with the groups ``auditors`` and ``accounting`` on the deployment at alias ``myminio``.
The command outputs the list of policies associated with the group ``auditors`` then the list of policies associated with the group ``accounting`` on the deployment at alias ``myminio``.
.. code-block:: shell
:class: copyable
mc admin policy entities play/ --group auditors --group accounting
List policies associated with a policy, a group, and a user
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following command lists all policies associated with the policy ``finteam-policy``, the user ``bobfisher``, and the group ``consulting`` on the deployment at alias ``myminio``.
The command outputs the list of groups and users associated with the policy ``finteam-policy``, then lists the policies associated with the user ``bobfisher``, and finally lists the policies associated with the group ``consulting`` on the deployment at alias ``myminio``.
.. code-block:: shell
:class: copyable
mc admin policy entities play/ \
--policy finteam-policy --user bobfisher --group consulting
Output
------
The output of the commands resembles the following:
.. code-block:: shell
Query time: 2023-04-04T20:39:27Z
Policy -> Entity Mappings:
Policy: finteam-policy
User Mappings:
bobfisher
Policy: diagnostics
User Mappings:
james
bobfisher
marcia
Group Mappings:
consulting
auditors
User -> Policy Mappings:
User: bobfisher
ALLOW_PUBLIC_READ
finteam-policy
diagnostics
readonly
readwrite
writeonly
View Git Blame Copy Permalink