- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 23 for eclair (0.18 sec)
-
docs/sts/web-identity.md
AssumeRoleWithWebIdentity call. 2. `id_token` claims: When the role policy is not configured, MinIO looks for a specific claim in the `id_token` (JWT) returned by the OpenID provider in the STS request. The default claim is `policy` and can be overridden by the `claim_name` configuration parameter or the `MINIO_IDENTITY_OPENID_CLAIM_NAME` environment variable. The claim value can be a string (comma-separated list) or an array of IAM access policy names defined in the server. A `RoleArn` API request...
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Jan 18 07:03:17 GMT 2024 - 19.2K bytes - Viewed (1) -
helm/minio/templates/statefulset.yaml
{{- else }} value: {{ .Values.oidc.clientSecret }} {{- end }} - name: MINIO_IDENTITY_OPENID_CLAIM_NAME value: {{ .Values.oidc.claimName }} - name: MINIO_IDENTITY_OPENID_CLAIM_PREFIX value: {{ .Values.oidc.claimPrefix }} - name: MINIO_IDENTITY_OPENID_SCOPES value: {{ .Values.oidc.scopes }}
Others - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Fri Apr 26 07:50:24 GMT 2024 - 10.7K bytes - Viewed (0) -
cmd/iam.go
} // Finally, if there is no parent policy, check if a policy claim is // present in the session token. if len(policies) == 0 { // If there is no parent policy mapping, we fall back to // using policy claim from JWT. policySet, ok := args.GetPolicies(iamPolicyClaimNameOpenID()) if !ok { // When claims are set, it should have a policy claim field. return false }
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 25 21:28:16 GMT 2024 - 71.1K bytes - Viewed (1) -
cmd/sts-handlers_test.go
// the i-th server in this will be applied the i-th policy in `rolePolicies`. If // a rolePolicies entry is an empty string, that server will be configured as // policy-claim based openid server. NOTE that a valid configuration can have a // policy claim based provider only if it is the only OpenID provider. func (s *TestSuiteIAM) SetUpOpenIDs(c *check, testApps []OpenIDClientAppParams, rolePolicies []string) error {
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 25 15:50:16 GMT 2024 - 85.7K bytes - Viewed (0) -
helm/minio/README.md
### Existing PersistentVolumeClaim If a Persistent Volume Claim already exists, specify it during installation. 1. Create the PersistentVolume 2. Create the PersistentVolumeClaim 3. Install the chart ```bash helm install --set persistence.existingClaim=PVC_NAME minio/minio
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Wed Jan 24 07:27:57 GMT 2024 - 10.9K bytes - Viewed (0) -
helm/minio/values.yaml
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ ## persistence: enabled: true annotations: {} ## A manually managed Persistent Volume and Claim ## Requires persistence.enabled: true ## If defined, PVC must be created manually before volume will be bound existingClaim: "" ## minio data Persistent Volume Storage Class
Others - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sun Apr 28 10:14:37 GMT 2024 - 18.4K bytes - Viewed (0) -
cmd/auth-handler.go
// secret key, temporary credentials become invalid if // server admin credentials change. This is done to ensure // that clients cannot decode the token using the temp // secret keys and generate an entirely new claim by essentially // hijacking the policies. We need to make sure that this is // based on admin credential such that token cannot be decoded // on the client side and is treated like an opaque value.
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 26K bytes - Viewed (0) -
cmd/testdata/undeleteable-object.tgz
},"identity_openid":{"_":[{"key":"enable","value":""},{"key":"display_name","value":""},{"key":"config_url","value":""},{"key":"client_id","value":""},{"key":"client_secret","value":""},{"key":"claim_name","value":"policy"},{"key":"claim_userinfo","value":""},{"key":"role_policy","value":""},{"key":"claim_prefix","value":""},{"key":"redirect_uri","value":""},{"key":"redirect_uri_dynamic","value":"off"},{"key":"scopes","value":""},{"key":"vendor","value":""},{"key":"keycloak_realm","value":""},{"...
Others - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Fri Apr 26 00:31:12 GMT 2024 - 8.7M bytes - Viewed (0) -
cmd/bucket-policy.go
vStr, ok := v.(string) if ok { // Trim any LDAP specific prefix args[strings.ToLower(strings.TrimPrefix(k, "ldap"))] = []string{vStr} } } // Add groups claim which could be a list. This will ensure that the claim // `jwt:groups` works. if grpsVal, ok := claims["groups"]; ok { if grpsIs, ok := grpsVal.([]interface{}); ok { grps := []string{} for _, gI := range grpsIs {
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 8K bytes - Viewed (0) -
cmd/iam-store.go
// or service credentials, mapped to all distinct roleARNs associated with the // parent user. The dummy role ARN is associated with parent users from // policy-claim based OpenID providers. func (store *IAMStoreSys) GetAllParentUsers() map[string]ParentUserInfo { cache := store.rlock() defer store.runlock() res := map[string]ParentUserInfo{}
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sat Apr 27 10:04:10 GMT 2024 - 75.2K bytes - Viewed (2)