minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-07-28 19:42:10 +03:00
Code Activity
Files
ca34aa7e43134c19aec6dfb72b9545212470dda5
docs/source/reference/minio-server/settings/root-credentials.rst
Daryl White c67d446bac Minor fixes to address multiple small issues (#1326) 
A few quick fixes noted in several issues:

- Literal reference in mc batch generate pointed to the wrong include
   Closes #1318 
- Lingering reference to an "unregister" function removed
  Closes #1324
- Adds admonition about root credentials required, even with KES
  Closes #1325 
- Adds mc batch cancel to list of commands on batch framework overview
page
   Closes #1310
- Updates mc client page S3 link to avoid possible copy/paste confusion
  Closes #1311
2024-09-20 11:25:14 -04:00

3.7 KiB
Raw Blame History

Root Access Settings

minio

Table of Contents

This page covers settings that control root (superuser) access for the MinIO process. The root user has complete access and permissions to perform operations on the MinIO deployment.

Root User and Root Password are required even if you use the MinIO Key Encryption Service <> or other key management utility.

Root User

Environment Variable

MINIO_ROOT_USER

The access key for the root <minio-users-root> user.

Warning

If MINIO_ROOT_USER is unset, minio defaults to minioadmin.

NEVER use the default credentials in production environments. MinIO strongly recommends specifying a unique, long, and random MINIO_ROOT_USER value for all environments.

Configuration Setting

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Root Password

Environment Variable

MINIO_ROOT_PASSWORD

The secret key for the root <minio-users-root> user.

Warning

If MINIO_ROOT_PASSWORD is unset, minio defaults to minioadmin.

NEVER use the default credentials in production environments. MinIO strongly recommends specifying a unique, long, and random MINIO_ROOT_PASSWORD value for all environments.

Configuration Setting

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Root Access

Environment Variable

MINIO_API_ROOT_ACCESS

Configuration Setting

api root-access

MinIO Server RELEASE.2023-05-04T21-44-30Z

Specify on to enable and off to disable the root <minio-users-root> user account. Disabling the root service account also disables all service accounts associated with root, excluding those used by site replication. Defaults to on.

Important

If you disable root API access with this setting, you must still set a root user and a root password for internal use.

Ensure you have at least one other admin user, such as one with the consoleAdmin policy, before disabling the root account. If you do not have another admin user, disabling the root account locks administrative access to the deployment.

You can use this variable to temporarily override the configuration setting and re-enable root access to the deployment.

To reset after an unintentional lock, set MINIO_API_ROOT_ACCESS on to override this setting and temporarily re-enable the root account. You can then change this setting to on or make the necessary user/policy changes to ensure normal administrative access through other non-root accounts.

Unique Root Credentials