minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-07-30 07:03:26 +03:00
Code Activity
Files
main
docs/source/administration/identity-access-management/minio-group-management.rst
Ravind Kumar d815aa9ce8 Final pass on platformization (#555)
2022-09-16 16:40:20 -04:00

1.7 KiB
Raw Permalink Blame History

Group Management

minio

Table of Contents

Overview

A group is a collection of users <minio-users>. Each group can have one or more assigned policies <minio-policy> that explicitly list the actions and resources to which group members are allowed or denied access.

For example, consider the following groups. Each group is assigned a built-in policy <minio-policy-built-in> or supported policy action <minio-policy-actions>. Each group also has one or more assigned users. Each user's total set of permissions consists of their explicitly assigned permission and the inherited permissions from each of their assigned groups. MinIO by default denies access to any resource or operation not explicitly allowed by a user's assigned or inherited policies.

Group Policy Members
Operations
readwrite on finance bucket
readonly on audit bucket
 john.doe, jane.doe
Auditing
readonly on audit bucket
 jen.doe, joe.doe
Admin admin:* greg.doe, jen.doe

Groups provide a simplified method for managing shared permissions among users with common access patterns and workloads. Client's cannot authenticate to a MinIO deployment using a group as an identity.

The mc admin group command supports the creation and management of groups on the MinIO deployment. See the command reference for examples of usage.