minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-08-06 14:42:56 +03:00
Code Activity
Files
relax-event-restriction
docs/source/reference/minio-server/settings/iam/minio-access-plugin.rst
Ravind Kumar 4edb3f7bae Improve documentation on MINIO_DOMAIN (#1131) 
# Summary

As per a recent customer issue, our guidance on `MINIO_DOMAIN` and
path/virtual bucket lookups needs some attention.

There are two main areas to address:

1. We need to guide users to avoid namespace collision within the
`MINIO_DOMAIN` , as this causes bucket lookup issues with certain MinIO
services/features
2. We need to generally improve docs on setting `MINIO_DOMAIN` correctly

There is also a side objective from Engineering to ensure we have a
simple admonition to direct users to test wherever possible changes to
config settings before applying to production.

---------

Co-authored-by: Daryl White <53910321+djwfyi@users.noreply.github.com>
2024-02-14 17:16:58 -05:00

144 lines
3.4 KiB
ReStructuredText
Raw Permalink Blame History

.. _minio-server-envvar-external-access-management-plugin:
=======================================
MinIO Access Management Plugin Settings
=======================================
.. default-domain:: minio
.. contents:: Table of Contents
:local:
:depth: 2
This page documents settings for enabling external authorization management using the MinIO Access Management Plugin.
See :ref:`minio-external-access-management-plugin` for a tutorial on using these settings.
.. include:: /includes/common-mc-admin-config.rst
:start-after: start-minio-settings-defined
:end-before: end-minio-settings-defined
.. include:: /includes/common-mc-admin-config.rst
:start-after: start-minio-settings-test-before-prod
:end-before: end-minio-settings-test-before-prod
Examples
--------
When setting up the MinIO Access Management plugin, you must define at minimum all *required* settings.
The examples here represent the minimum required setting.
.. tab-set::
.. tab-item:: Environment Variables
:sync: envvar
.. code-block:: shell
MINIO_POLICY_PLUGIN_URL="https://authzservice.example.net:8080/authz"
.. tab-item:: Configuration Settings
:sync: config
.. mc-conf:: policy_plugin
Use the :mc:`mc admin config set` command to create or update the access management plugin configuration.
The ``policy_plugin url`` argument is required.
Specify additional optional arguments as a whitespace (" ")-delimited list.
.. code-block:: shell
mc admin config set policy_plugin \
url="https://authzservice.example.net:8080/authz" \
[ARGUMENT=VALUE] ...
Settings
--------
URL
~~~
*Required*
.. tab-set::
.. tab-item:: Environment Variable
:sync: envvar
.. envvar:: MINIO_POLICY_PLUGIN_URL
.. tab-item:: Configuration Setting
:sync: config
.. mc-conf:: policy_plugin url
:delimiter: " "
.. include:: /includes/common-minio-external-auth.rst
:start-after: start-minio-access-management-plugin-url
:end-before: end-minio-access-management-plugin-url
Auth Token
~~~~~~~~~~
*Optional*
.. tab-set::
.. tab-item:: Environment Variable
:sync: envvar
.. envvar:: MINIO_POLICY_PLUGIN_AUTH_TOKEN
.. tab-item:: Configuration Setting
:sync: config
.. mc-conf:: policy_plugin auth_token
:delimiter: " "
.. include:: /includes/common-minio-external-auth.rst
:start-after: start-minio-access-management-plugin-auth-token
:end-before: end-minio-access-management-plugin-auth-token
HTTP2
~~~~~
*Optional*
.. tab-set::
.. tab-item:: Environment Variable
:sync: envvar
.. envvar:: MINIO_POLICY_PLUGIN_ENABLE_HTTP2
.. tab-item:: Configuration Setting
:sync: config
.. mc-conf:: policy_plugin enable_http2
:delimiter: " "
.. include:: /includes/common-minio-external-auth.rst
:start-after: start-minio-access-management-plugin-enable-http2
:end-before: end-minio-access-management-plugin-enable-http2
Comment
~~~~~~~
*Optional*
.. tab-set::
.. tab-item:: Environment Variable
:sync: envvar
.. envvar:: MINIO_POLICY_PLUGIN_COMMENT
.. tab-item:: Configuration Setting
:sync: config
.. mc-conf:: policy_plugin comment
:delimiter: " "
.. include:: /includes/common-minio-external-auth.rst
:start-after: start-minio-access-management-plugin-comment
:end-before: end-minio-access-management-plugin-comment
View Git Blame Copy Permalink