Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for AssumeRoleWithCertificate (0.14 sec)

  1. docs/sts/tls.md

    ```
    export MINIO_IDENTITY_TLS_ENABLE=on
    ```
    
    ## Example
    
    MinIO exposes a custom S3 STS API endpoint as `Action=AssumeRoleWithCertificate`. A client has to send an HTTP `POST` request to `https://<host>:<port>?Action=AssumeRoleWithCertificate&Version=2011-06-15`. Since the authentication and authorization happens via X.509 certificates the client has to send the request over **TLS** and has to provide
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Sep 29 04:28:45 UTC 2022
    - 6K bytes
    - Viewed (1)
  2. cmd/sts-handlers.go

    }
    
    // AssumeRoleWithCertificate implements user authentication with client certificates.
    // It verifies the client-provided X.509 certificate, maps the certificate to an S3 policy
    // and returns temp. S3 credentials to the client.
    //
    // API endpoint: https://minio:9000?Action=AssumeRoleWithCertificate&Version=2011-06-15
    func (sts *stsAPIHandlers) AssumeRoleWithCertificate(w http.ResponseWriter, r *http.Request) {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 01:29:20 UTC 2024
    - 33.9K bytes
    - Viewed (0)
  3. cmd/sts-datatypes.go

    // AssumeRoleWithLDAPIdentity request.
    type LDAPIdentityResult struct {
    	Credentials auth.Credentials `xml:",omitempty"`
    }
    
    // AssumeRoleWithCertificateResponse contains the result of
    // a successful AssumeRoleWithCertificate request.
    type AssumeRoleWithCertificateResponse struct {
    	XMLName xml.Name `xml:"https://sts.amazonaws.com/doc/2011-06-15/ AssumeRoleWithCertificateResponse" json:"-"`
    	Result  struct {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri May 27 00:58:09 UTC 2022
    - 9.9K bytes
    - Viewed (0)
  4. cmd/iam-object-store.go

    			// server).
    			//
    			// The "policy not found" error is ignored because the STS account may
    			// not have a policy mapped via its parent (for e.g. in
    			// OIDC/AssumeRoleWithCustomToken/AssumeRoleWithCertificate).
    			err := iamOS.loadMappedPolicy(ctx, svcParent, stsUser, false, cache.iamSTSPolicyMap)
    			if err != nil && !errors.Is(err, errNoSuchPolicy) {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 10 23:40:37 UTC 2024
    - 26.6K bytes
    - Viewed (0)
  5. cmd/iam.go

    // policy for the STS credential. The policy mapping can be updated by the
    // administrator.
    //
    // - from `Subject.CommonName` field from the STS request for
    // AssumeRoleWithCertificate. In this case, the policy for the STS credential
    // has the same name as the value of this field.
    //
    // - from special JWT claim from STS request for AssumeRoleWithOIDC API (when
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Oct 29 16:01:48 UTC 2024
    - 74.6K bytes
    - Viewed (0)
  6. cmd/iam-store.go

    // storage and in cache. We do not check for the existence of the user here
    // since users can be virtual, such as for:
    //   - LDAP users
    //   - CommonName for STS accounts generated by AssumeRoleWithCertificate
    func (store *IAMStoreSys) PolicyDBSet(ctx context.Context, name, policy string, userType IAMUserType, isGroup bool) (updatedAt time.Time, err error) {
    	if name == "" {
    		return updatedAt, errInvalidArgument
    	}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Mon Oct 14 16:35:37 UTC 2024
    - 83.2K bytes
    - Viewed (0)
Back to top