minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-04-25 17:22:39 +03:00
Code
docs/source/reference/minio-mc-admin/mc-admin-policy-attach.rst
Andrea Longo 697b851a5d
Rework mc admin prometheus reference page (#1256) 
Split the `mc admin prometheus` page into subpages and add missing docs
for `mc admin prometheus metrics`.

Staged

http://192.241.195.202:9000/staging/DOCS-1255/linux/reference/minio-mc-admin/mc-admin-prometheus.html

Fixes https://github.com/minio/docs/issues/1255

---------

Co-authored-by: Ravind Kumar <ravind@min.io>
2024-06-28 07:35:22 -06:00

3.7 KiB
Raw Blame History

mc admin policy attach

minio

Table of Contents

mc admin policy attach

Syntax

Attaches one or more IAM policies to either a MinIO-managed user or a group <minio-users>.

RELEASE.2023-05-27T05-56-19Z

To successfully attach a policy, the referenced user or group must exist.

Exactly one ~mc admin policy attach --user or one ~mc admin policy attach --group is required.

EXAMPLE

The following command attaches the readonly policy to the user james on the deployment at alias myminio.

mc admin policy attach myminio readonly --user james

SYNTAX

The command has the following syntax:

mc admin policy attach                       \
                TARGET                       \
                POLICY                       \
                [POLICY...]                  \
                [--user USER | --group GROUP]

Important

This command is intended for managing policy associations for MinIO-managed <minio-users> users only.

For attaching policies to OpenID-managed users, see minio-external-identity-management-openid.

For attaching policies to Active Directory/LDAP users or groups, use mc idp ldap policy attach.

Parameters

The mc admin policy attach command accepts the following arguments:

TARGET

The alias <mc alias> of a configured MinIO deployment with the user or group for which you want to attach one or more policies.

POLICY

The name of the policy to attach to either the user or the group.

You may attach multiple policies at once by separating each policy name with a space.

MinIO deployments include the following built-in policies <minio-policy-built-in> by default:

  • readonly
  • readwrite
  • diagnostics
  • writeonly

--user

The username of the identity you want to attach the policy or policies to. You may only list one user.

You must include either the --user flag or the --group flag. You may not use the --user flag at the same time as the --group flag.

--group

The name of the group identity you want to attach the policy or policies to. You may only list one group.

All users with membership in the group inherit the policies associated to the group.

You must include either the --group flag or the --user flag. You may not use the --group flag at the same time as the --user flag.

Global Flags

Examples

Attach the readonly policy to user james on the deployment at alias myminio.

mc admin policy attach myminio readonly --user james

Attach the audit-policy and acct-policy policies to group legal on the deployment at alias myminio.

mc admin policy attach myminio audit-policy acct-policy --group legal