# Identity Management Plugin Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)

## Introduction

# Access Management Plugin Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)

MinIO now includes support for using an Access Management Plugin. This is to allow object storage access control to be managed externally via a webhook.

#### Heal management permissions

- admin:Heal

#### Service account management permissions

- admin:CreateServiceAccount
- admin:UpdateServiceAccount
- admin:RemoveServiceAccount
- admin:ListServiceAccounts

#### Bucket quota management permissions

- admin:SetBucketQuota
- admin:GetBucketQuota

#### Bucket target management permissions

- admin:SetBucketTarget

# AssumeRoleWithCustomToken [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)

## Introduction

To integrate with custom authentication methods using the [Identity Management Plugin](../iam/identity-management-plugin.md)), MinIO provides an STS API extension called `AssumeRoleWithCustomToken`.

After configuring the plugin, use the generated Role ARN with `AssumeRoleWithCustomToken` to get temporary credentials to access object storage.

name: Go vulnerability management - bugs and feature requests
description: Issues or feature requests about Go vulnerability management
title: "x/vuln: issue title"
labels: ["vulncheck or vulndb"]
body:
  - type: markdown
    attributes:

# Vulnerability Management Policy

This document formally describes the process of addressing and managing a
reported vulnerability that has been found in the MinIO server code base,
any directly connected ecosystem component or a direct / indirect dependency
of the code base.

## Scope

The vulnerability management policy described in this document covers the
process of investigating, assessing and resolving a vulnerability report

    permissions:
      issues: write
    runs-on: ubuntu-latest
    steps:
      # Check that issues have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/issue-metadata.ts

    runs-on: ubuntu-latest
    steps:
      # Feedback loop: ask for something on PR/Issue and close if not provided or return to the queue on update.
      # https://github.com/gradle/issue-management-action/blob/main/src/feedback.ts

      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      # Check that PRs have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/pull-metadata.ts

To replicate objects in a bucket to a destination bucket on a target site either in the same cluster or a different cluster, start by enabling [versioning](https://docs.min.io/community/minio-object-store/administration/object-management/object-versioning.html) for both source and destination buckets. Finally, the target site and the destination bucket need to be configured on the source MinIO server.

## Highlights