minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-08-08 01:43:18 +03:00
Code Activity
Files
DOCS-860-part2a
docs/source/reference/minio-mc-admin/mc-admin-user-svcacct-add.rst
Andrea Longo 626e4e4f32 svcacct doc updates from RELEASE.2023-05-18T16-59-00Z (#868) 
Doc updates for `mc admin user svcacct add` and `edit`.

* `--comment` replaced with `--user` and `--description` for `add` and
`edit`.
* Add detail on length of autogenerated keys. Autogeneration was already
documented, the included change is a bug fix.

Partly addresses https://github.com/minio/docs/issues/859

---------

Co-authored-by: Daryl White <53910321+djwfyi@users.noreply.github.com>
2023-06-02 14:00:08 -06:00

4.3 KiB
Raw Permalink Blame History

mc admin user svcacct add

minio

Table of Contents

mc admin user svcacct add

Syntax

The mc admin user svcacct add command adds a new access key to an existing MinIO or AD/LDAP user.

Access keys for OpenID Connect users

To generate service account access keys for OpenID Connect users <minio-external-identity-management-openid>, use the MinIO Console <minio-console>.

EXAMPLE

The following command creates a new access key associated to an existing MinIO user:

mc admin user svcacct add                       \
   --access-key "myuserserviceaccount"          \                                  
   --secret-key "myuserserviceaccountpassword"  \
   --policy "/path/to/policy.json"              \
   myminio myuser

The command returns the access key and secret key for the new account.

SYNTAX

The command has the following syntax:

mc [GLOBALFLAGS] admin user svcacct add             \
                                    [--access-key]  \
                                    [--secret-key]  \
                                    [--policy]      \
                                    [--comment]     \
                                    ALIAS           \
                                    USER

Parameters

ALIAS

The alias <mc alias> of the MinIO deployment.

USER

The username of the user to which MinIO adds the new access key.

  • For MinIO-managed users <minio-users>, specify the access key for the user.
  • For Active Directory/LDAP users <minio-external-identity-management-ad-ldap>, specify the Distinguished Name of the user.
  • For OpenID Connect users <minio-external-identity-management-openid>, use the MinIO Console <minio-console> to generate access keys.
--access-key

A string to use as the access key for this account. Omit to let MinIO autogenerate a random 20 character value.

Access Key names must be unique across all users.

--comment

RELEASE.2023-05-18T16-59-00Z Replaced by ~mc admin user svcacct add --description and ~mc admin user svcacct add --name.

Originally added in version RELEASE.2023-01-28T20-29-38Z.

This option has been removed. Use --description or --name instead.

--description

RELEASE.2023-05-18T16-59-00Z

Add a description for the service account. For example, you might specify the reason the service account exists.

--name

RELEASE.2023-05-18T16-59-00Z

Add a human-readable name for the service account.

--policy

The path to a policy document <minio-policy> to attach to the new access key. The attached policy cannot grant access to any action or resource not explicitly allowed by the parent user's policies.

--secret-key

The secret key to associate with the new account. Omit to let MinIO autogenerate a random 40-character value.

Global Flags

Behavior

S3 Compatibility