Search Options

Results per page
Sort
Preferred Languages
Advance

Results 31 - 40 of 119 for sts (0.03 sec)

  1. cmd/veeam-sos-api.go

    //   - Handover of IAM & STS Endpoints instead of manual definition in Veeam Backup & Replication. This allows Veeam
    //     Agents to directly backup to object storage.
    //
    // An object storage system can implement one, multiple, or all functions.
    //
    //   - Optional (mandatory if <IAMSTS> is true): Set Endpoints for IAM and STS processing.
    //
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 00:34:56 UTC 2024
    - 8.8K bytes
    - Viewed (0)
  2. internal/config/identity/openid/jwt.go

    		// string containing a StringOrURI value
    		azpValues, ok := policy.GetValuesFromClaims(mclaims, azpClaim)
    		if !ok {
    			return errors.New("STS JWT Token has `azp` claim invalid, `azp` must match configured OpenID Client ID")
    		}
    		if !azpValues.Contains(pCfg.ClientID) {
    			return errors.New("STS JWT Token has `azp` claim invalid, `azp` must match configured OpenID Client ID")
    		}
    	}
    
    	return nil
    }
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Sep 06 02:46:36 UTC 2024
    - 8.4K bytes
    - Viewed (0)
  3. docs/iam/opa.md

    OPA is a lightweight general-purpose policy engine that can be co-located with MinIO server, in this document we talk about how to use OPA HTTP API to authorize requests. It can be used with any type of credentials (STS based like OpenID or LDAP, regular IAM users or service accounts).
    
    OPA is enabled through MinIO's Access Management Plugin feature.
    
    ## Get started
    
    ### 1. Start OPA in a container
    
    ```sh
    podman run -it \
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Jul 17 15:43:14 UTC 2022
    - 2.3K bytes
    - Viewed (0)
  4. cmd/iam.go

    // policy for the STS credential. The policy mapping can be updated by the
    // administrator.
    //
    // - from `Subject.CommonName` field from the STS request for
    // AssumeRoleWithCertificate. In this case, the policy for the STS credential
    // has the same name as the value of this field.
    //
    // - from special JWT claim from STS request for AssumeRoleWithOIDC API (when
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Oct 29 16:01:48 UTC 2024
    - 74.6K bytes
    - Viewed (0)
  5. docs/iam/identity-management-plugin.md

    with an Identity Management Plugin webhook. When configured, this plugin enables the `AssumeRoleWithCustomToken` STS API extension. A user or application can now present a token to the `AssumeRoleWithCustomToken` API, and MinIO verifies this token by sending it to the Identity Management Plugin webhook. This plugin responds with some information and MinIO is able to generate temporary STS credentials to interact with object storage.
    
    The authentication flow is similar to that of OpenID, however...
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri May 27 00:58:09 UTC 2022
    - 4.2K bytes
    - Viewed (0)
  6. docs/multi-user/admin/README.md

    special permissions listed above. Follow [MinIO STS Quickstart Guide](https://min.io/docs/minio/linux/developers/security-token-service.html) to manage users with an IDP.
    
    ## Explore Further
    
    - [MinIO Client Complete Guide](https://min.io/docs/minio/linux/reference/minio-mc.html)
    - [MinIO STS Quickstart Guide](https://min.io/docs/minio/linux/developers/security-token-service.html)
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Mar 21 06:38:06 UTC 2023
    - 4.5K bytes
    - Viewed (0)
  7. docs/sts/keycloak.md

    ```
    $ go run docs/sts/web-identity.go -cid account -csec 072e7f00-4289-469c-9ab2-bbe843c7f5a8  -config-ep "http://localhost:8080/auth/realms/minio/.well-known/openid-configuration" -port 8888
    2018/12/26 17:49:36 listening on http://localhost:8888/
    ```
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Sep 29 04:28:45 UTC 2022
    - 8.1K bytes
    - Viewed (0)
  8. cmd/stserrorcode_string.go

    // Code generated by "stringer -type=STSErrorCode -trimprefix=Err sts-errors.go"; DO NOT EDIT.
    
    package cmd
    
    import "strconv"
    
    func _() {
    	// An "invalid array index" compiler error signifies that the constant values have changed.
    	// Re-run the stringer command to generate them again.
    	var x [1]struct{}
    	_ = x[ErrSTSNone-0]
    	_ = x[ErrSTSAccessDenied-1]
    	_ = x[ErrSTSMissingParameter-2]
    	_ = x[ErrSTSInvalidParameterValue-3]
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 03 20:24:25 UTC 2023
    - 1.4K bytes
    - Viewed (0)
  9. docs/sts/dex.md

    ```
    export MINIO_IDENTITY_OPENID_CLAIM_NAME=groups
    ```
    
    and add relevant policies on MinIO using `mc admin policy create myminio/ <group_name> group-access.json`
    
    ## Explore Further
    
    - [MinIO STS Quickstart Guide](https://min.io/docs/minio/linux/developers/security-token-service.html)
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Mar 21 06:38:06 UTC 2023
    - 3.8K bytes
    - Viewed (0)
  10. docs/sts/web-identity.py

    callback_uri = "http://localhost:8000/oauth2/callback"
    
    # keycloak id and secret
    client_id = 'account'
    client_secret = 'daaa3008-80f0-40f7-80d7-e15167531ff0'
    
    sts_client = boto3.client(
        'sts',
        region_name='us-east-1',
        use_ssl=False,
        endpoint_url='http://localhost:9000',
    )
    
    app = Flask(__name__)
    
    
    @app.route('/')
    def homepage():
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Jul 28 01:37:51 UTC 2021
    - 2.9K bytes
    - Viewed (0)
Back to top