minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-04-25 17:22:39 +03:00
Code
docs/source/reference/minio-mc-admin/mc-admin-policy-entities.rst
Ravind Kumar 6a1697c9f5
DOCS-1022: Use 'mc idp ldap policy' for AD/LDAP policy assignments (#1026) 
---------

Co-authored-by: Daryl White <53910321+djwfyi@users.noreply.github.com>
2023-10-05 16:59:43 -04:00

6.1 KiB
Raw Blame History

mc admin policy entities

minio

Table of Contents

mc admin policy entities

Syntax

List the entities associated with a policy, user, or group on a target MinIO deployment.

RELEASE.2023-05-27T05-56-19Z

This command only returns minio-managed users and groups <minio-users>.

To list entities associated with an Active Directory or LDAP (AD/LDAP) configuration, use mc idp ldap policy entities.

For example, you can list all of the users and groups attached to a policy or list all of the policies attached to a specific user or group.

EXAMPLE

The following command returns a list of the policies associated with the user bob on the deployment at alias myminio.

mc admin policy entities myminio/ --user bob

SYNTAX

The command has the following syntax:

mc admin policy entities         \
                TARGET           \
                [--user value]   \
                [--group value]  \
                [--policy value]

Important

This command is intended for managing policy associations for MinIO-managed <minio-users> users only.

For managing policies to OpenID-managed users, see minio-external-identity-management-openid.

For viewing policies for Active Directory/LDAP users or groups, use mc idp ldap policy entities.

Parameters

The mc admin policy entities command accepts the following arguments:

TARGET

The alias <mc alias> of a configured MinIO deployment on which to add the new policy.

--group

The name of the group identity for which you want to list attached policies.

You may include multiple groups by repeating the flag multiple times. The command returns each group with a list of associated entities.

--policy

The name of a policy for which to list associated entities.

You may include multiple policies by repeating the flag multiple times. The command returns each policy with a list of all associated entities.

--user

The username of the identity for which you want to list attached policies.

You may include multiple users by repeating the flag multiple times. The command returns each user with a list of associated policies.

Global Flags

Examples

List all entities and policy associations for a deployment

The following command lists all policies and the entity mappings associated with them on the deployment at alias myminio.

mc admin policy entities myminio/

List entities associated with two different policies

The following command lists all entities associated with the policies inteam-policy and mlteam-policy on the deployment at alias myminio.

mc admin policy entities myminio/ --policy finteam-policy --policy mlteam-policy

List policies associated with two different users

The following command lists all policies associated with the users bob and james on the deployment at alias myminio.

The command outputs the list of policies associated with bob then the list of policies associated with james on the deployment at alias myminio.

mc admin policy entities myminio/ --user bob --user james

List policies associated with two different groups

The following command lists all policies associated with the groups auditors and accounting on the deployment at alias myminio.

The command outputs the list of policies associated with the group auditors then the list of policies associated with the group accounting on the deployment at alias myminio.

mc admin policy entities play/ --group auditors --group accounting

List policies associated with a policy, a group, and a user

The following command lists all policies associated with the policy finteam-policy, the user bobfisher, and the group consulting on the deployment at alias myminio.

The command outputs the list of groups and users associated with the policy finteam-policy, then lists the policies associated with the user bobfisher, and finally lists the policies associated with the group consulting on the deployment at alias myminio.

mc admin policy entities play/ \                                                                        
           --policy finteam-policy --user bobfisher --group consulting

Output

The output of the commands resembles the following:

Query time: 2023-04-04T20:39:27Z
  Policy -> Entity Mappings:
    Policy: finteam-policy
      User Mappings:
        bobfisher
    Policy: diagnostics
      User Mappings:
        james
        bobfisher
        marcia
      Group Mappings:
        consulting
        auditors
  User -> Policy Mappings:
    User: bobfisher
      ALLOW_PUBLIC_READ
      finteam-policy
      diagnostics
      readonly
      readwrite
      writeonly