Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 3 of 3 for IsServiceAccount (0.11 sec)

  2. github.com/minio/minio

    cmd/admin-handlers-idp-openid.go 

    		// Filter out any disqualifying access keys
		_, ok := accessKey.Claims[subClaim]
		if !ok {
			continue // OpenID access keys must have a sub claim
		}
		if (!listSTSKeys && !accessKey.IsServiceAccount()) || (!listServiceAccounts && accessKey.IsServiceAccount()) {
			continue // skip if not the type we want
		}
		arn, ok := accessKey.Claims[roleArnClaim].(string)
		if !ok {
			if _, ok := accessKey.Claims[iamPolicyClaimNameOpenID()]; !ok {
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Sat Sep 06 17:38:46 UTC 2025
    - 7.6K bytes
    - Viewed (0)
  3. github.com/minio/minio

    cmd/user-provider-utils.go 

    		return "", errIAMActionNotAllowed
	}
}

// guessUserProvider - guesses the user provider based on the access key and claims.
func guessUserProvider(credentials auth.Credentials) string {
	if !credentials.IsServiceAccount() && !credentials.IsTemp() {
		return madmin.BuiltinProvider // regular users are always internal
	}

	claims := credentials.Claims
	if _, ok := claims[ldapUser]; ok {
		return madmin.LDAPProvider // ldap users
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 4.1K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/bucket-policy.go 

    	currTime := UTCNow()

	var (
		username = cred.AccessKey
		claims   = cred.Claims
		groups   = cred.Groups
	)

	if cred.IsTemp() || cred.IsServiceAccount() {
		// For derived credentials, check the parent user's permissions.
		username = cred.ParentUser
	}

	principalType := "Anonymous"
	if username != "" {
		principalType = "User"
		if len(claims) > 0 {
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 7.9K bytes
    - Viewed (0)
Back to top