Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 17 for roleArns (0.19 sec)

  1. cmd/iam.go

    		// the roleARNs to check if the user still exists. If they don't
    		// we can safely remove credentials for this parent user
    		// associated with any of the provider configurations.
    		//
    		// If there is no roleARN mapped to the user, the user may be
    		// coming from a policy claim based openid provider.
    		roleArns := puInfo.roleArns.ToSlice()
    		var roleArn string
    		if len(roleArns) == 0 {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Oct 29 16:01:48 UTC 2024
    - 74.6K bytes
    - Viewed (0)
  2. cmd/iam-store.go

    			subClaimValue = v
    		}
    
    		roleArn := openid.DummyRoleARN.String()
    		s, ok := claims.Lookup(roleArnClaim)
    		if ok {
    			roleArn = s
    		}
    		v, ok := res[cred.ParentUser]
    		if ok {
    			res[cred.ParentUser] = ParentUserInfo{
    				subClaimValue: subClaimValue,
    				roleArns:      v.roleArns.Union(set.CreateStringSet(roleArn)),
    			}
    		} else {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Mon Oct 14 16:35:37 UTC 2024
    - 83.2K bytes
    - Viewed (0)
  3. internal/bucket/replication/replication.go

    			legacyArn = true
    		}
    		if c.RoleArn == "" && !r.Destination.TargetArn() {
    			return errDestinationArnMissing
    		}
    	}
    	// disallow combining old replication configuration which used RoleArn as target ARN with multiple
    	// destination replication
    	if c.RoleArn != "" && len(targetMap) > 1 {
    		return errRoleArnPresentForMultipleTargets
    	}
    	// validate RoleArn if destination used legacy ARN format.
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Mar 28 17:44:56 UTC 2024
    - 8.9K bytes
    - Viewed (0)
  4. internal/config/identity/openid/openid.go

    				Type:    "openid",
    				Name:    cfg,
    				Enabled: false,
    			})
    		} else {
    			var roleARN string
    			if pcfg.RolePolicy != "" {
    				roleARN = pcfg.roleArn.String()
    			}
    			res = append(res, madmin.IDPListItem{
    				Type:    "openid",
    				Name:    cfg,
    				Enabled: r.Enabled,
    				RoleARN: roleARN,
    			})
    		}
    	}
    
    	return res, nil
    }
    
    // Enabled returns if configURL is enabled.
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Jul 10 20:16:44 UTC 2024
    - 16.6K bytes
    - Viewed (0)
  5. internal/config/identity/plugin/config.go

    // of claims.
    func (o *AuthNPlugin) Authenticate(roleArn arn.ARN, token string) (AuthNResponse, error) {
    	if o == nil {
    		return AuthNResponse{}, nil
    	}
    
    	if roleArn != o.args.RoleARN {
    		return AuthNResponse{}, fmt.Errorf("Invalid role ARN value: %s", roleArn.String())
    	}
    
    	u := url.URL(*o.args.URL)
    	q := u.Query()
    	q.Set("token", token)
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri May 24 23:05:23 UTC 2024
    - 13.3K bytes
    - Viewed (0)
  6. cmd/sts-handlers.go

    	}
    
    	accessToken := r.Form.Get(stsWebIdentityAccessToken)
    
    	// RoleARN parameter processing: If a role ARN is given in the request, we
    	// use that and validate the authentication request. If not, we assume this
    	// is an STS request for a claim based IDP (if one is present) and set
    	// roleArn = openid.DummyRoleARN.
    	//
    	// Currently, we do not support multiple claim based IDPs, as there is no
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 01:29:20 UTC 2024
    - 33.9K bytes
    - Viewed (0)
  7. internal/config/identity/openid/providercfg.go

    	ClaimUserinfo      bool
    	RedirectURI        string
    	RedirectURIDynamic bool
    	DiscoveryDoc       DiscoveryDoc
    	ClientID           string
    	ClientSecret       string
    	RolePolicy         string
    
    	roleArn  arn.ARN
    	provider provider.Provider
    }
    
    func newProviderCfgFromConfig(getCfgVal func(cfgName string) string) providerCfg {
    	return providerCfg{
    		DisplayName:        getCfgVal(DisplayName),
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri May 24 23:05:23 UTC 2024
    - 4.6K bytes
    - Viewed (0)
  8. cmd/data-usage.go

    			cfg, _ := getReplicationConfig(GlobalContext, bucket)
    			if cfg != nil && cfg.RoleArn != "" {
    				if dataUsageInfo.ReplicationInfo == nil {
    					dataUsageInfo.ReplicationInfo = make(map[string]BucketTargetUsageInfo)
    				}
    				dataUsageInfo.ReplicationInfo[cfg.RoleArn] = BucketTargetUsageInfo{
    					ReplicationFailedSize:   bui.ReplicationFailedSizeV1,
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu May 09 00:51:34 UTC 2024
    - 5.6K bytes
    - Viewed (0)
  9. docs/distributed/samples/myminio-iam-info-openid.zip

    h":"fjGB4ldChsaf9vSFdZ1P","email":"******@****.***","email_verified":true,"groups":["projecta","projectb"],"iat":1726558680,"iss":"http://127.0.0.1:5556/dex","name":"Dillon Harper","parent":"oCnAoSQFtdVQtKwrB73j","preferred_username":"dillon","roleArn":"arn:minio:iam:::role/nOybJqMNzNmroqEKq5D0","sa-policy":"inherited-policy","sub":"Cit1aWQ9ZGlsbG9uLG91"},"sessionPolicy":null,"status":"on","name":"","description":"","expiration":"1970-01-01T00:00:00Z"},"dillon-svcacct-1":{"parent":"oCnAoSQFtdV...
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Sep 17 16:45:46 UTC 2024
    - 2K bytes
    - Viewed (0)
  10. docs/sts/web-identity.md

    defined in the server. In this situation, the server prints a role ARN at startup that must be specified as a `RoleArn` API request parameter in the STS AssumeRoleWithWebIdentity API call. When using Role Policies, multiple OpenID providers and/or client applications (with unique client IDs) may be configured with independent role policies. Each configuration is assigned a unique RoleARN by the MinIO server and this is used to select the policies to apply to temporary credentials generated in the...
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Jul 10 20:16:44 UTC 2024
    - 18.9K bytes
    - Viewed (0)
Back to top