- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 119 for accounts (0.85 sec)
-
docs/site-replication/README.md
Previously, site replication required the root credentials of peer sites to be identical. This is no longer necessary because STS tokens are now signed with the site replicator service account credentials, thus allowing flexibility in the independent management of root accounts across sites and the ability to disable root accounts eventually.
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Mon Feb 26 21:30:28 GMT 2024 - 3.4K bytes - Viewed (0) -
docs/sts/ldap.md
### Lookup-Bind A low-privilege read-only LDAP service account is configured in the MinIO server by providing the account's Distinguished Name (DN) and password. This service account is used to perform directory lookups as needed. ``` MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN* (string) DN for LDAP read-only service account used to perform DN and group lookups
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Jan 18 07:03:17 GMT 2024 - 18.4K bytes - Viewed (1) -
docs/sts/keycloak.md
- `account` client_id is a confidential client that belongs to the realm `{realm}` - `account` client_id is has **Service Accounts Enabled** option enabled. - `account` client_id has a custom "Audience" mapper, in the Mappers section. - Included Client Audience: security-admin-console #### Adding 'admin' Role
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Sep 29 04:28:45 GMT 2022 - 8.1K bytes - Viewed (0) -
docs/ftp/README.md
login credentials. - Allows authentication and access for all - Built-in IDP users and their respective service accounts - LDAP/AD users and their respective service accounts - OpenID/OIDC service accounts - On versioned buckets, FTP/SFTP only operates on latest objects, if you need to retrieve
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Tue Apr 30 15:15:45 GMT 2024 - 7.1K bytes - Viewed (0) -
docs/sts/casdoor.md
``` mc admin config set myminio/ identity_openid KEY: identity_openid enable OpenID SSO support ARGS: config_url* (url) openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration" client_id (string) unique public identifier for apps e.g. "292085223830.apps.googleusercontent.com" claim_name (string) JWT canned policy claim name, defaults to "policy"
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Sep 29 04:28:45 GMT 2022 - 6.6K bytes - Viewed (0) -
docs/sts/web-identity.md
MINIO_IDENTITY_OPENID_DISPLAY_NAME (string) Friendly display name for this Provider/App MINIO_IDENTITY_OPENID_CONFIG_URL* (url) openid discovery document e.g. "https://accounts.google.com/.well-known/openid-configuration" MINIO_IDENTITY_OPENID_CLIENT_ID* (string) unique public identifier for apps e.g. "292085223830.apps.googleusercontent.com"
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Jan 18 07:03:17 GMT 2024 - 19.2K bytes - Viewed (1) -
docs/iam/opa.md
OPA is enabled through MinIO's Access Management Plugin feature. ## Get started ### 1. Start OPA in a container ```sh podman run -it \ --name opa \ --publish 8181:8181 \
Plain Text - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Sun Jul 17 15:43:14 GMT 2022 - 2.3K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1alpha1/generated.proto
// (root certificates). // // ClusterTrustBundle objects are considered to be readable by any authenticated // user in the cluster, because they can be mounted by pods using the // `clusterTrustBundle` projection. All service accounts have read access to // ClusterTrustBundles by default. Users who only have namespace-level access // to a cluster can read ClusterTrustBundles by impersonating a serviceaccount // that they have access to. //
Plain Text - Registered: Wed May 01 22:53:12 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 4.2K bytes - Viewed (0) -
manifests/charts/README.md
feature, and can be performed by different people/teams at different times. It is strongly recommended that different namespaces are used, with different service accounts. In particular access to the security-critical production components (root CA, policy, control) should be locked down and restricted. The new installer allows multiple instances of
Plain Text - Registered: Wed Apr 24 22:53:08 GMT 2024 - Last Modified: Wed Feb 07 17:53:24 GMT 2024 - 6.7K bytes - Viewed (0) -
common-protos/k8s.io/apimachinery/pkg/apis/testapigroup/v1/generated.proto
// +optional map<string, string> nodeSelector = 7; // ServiceAccountName is the name of the ServiceAccount to use to run this carp. // More info: https://kubernetes.io/docs/concepts/security/service-accounts/ // +optional optional string serviceAccountName = 8; // DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. // Deprecated: Use serviceAccountName instead.
Plain Text - Registered: Wed May 01 22:53:12 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 7.7K bytes - Viewed (0)