# AssumeRole [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)

## Introduction

Returns a set of temporary security credentials that you can use to access MinIO resources. AssumeRole requires authorization credentials for an existing user on MinIO. The advantages of this API are

service.loadBalancerSourceRa Addresses that are allowed when service is LoadBalancer ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service ## #loadBalancerSourceRa: # - 10.10.10.0/24 loadBalancerSourceRa: [] ## service.externalTrafficPolic minio service external traffic policy ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolic:...

password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.html#access-management ## NOTE: this will fail if LDAP is enabled in your MinIO deployment ## make sure to disable this if you are using LDAP. - accessKey: console secretKey: console123 policy: consoleAdmin # Or you can refer to specific secret #-...

password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.html#access-management ## NOTE: this will fail if LDAP is enabled in your MinIO deployment ## make sure to disable this if you are using LDAP. - accessKey: console secretKey: console123 policy: consoleAdmin # Or you can refer to specific secret #-...

password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.html#access-management ## NOTE: this will fail if LDAP is enabled in your MinIO deployment ## make sure to disable this if you are using LDAP. - accessKey: console secretKey: console123 policy: consoleAdmin # Or you can refer to specific secret #-...

password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.html#access-management ## NOTE: this will fail if LDAP is enabled in your MinIO deployment ## make sure to disable this if you are using LDAP. - accessKey: console secretKey: console123 policy: consoleAdmin # Or you can refer to specific secret #-...

```
cat ${HADOOP_CONF_DIR}/core-site.xml | kv-pairify | grep "s3a"

fs.s3a.access.key=minio
fs.s3a.secret.key=minio123
fs.s3a.path.style.access=true
fs.s3a.block.size=512M
fs.s3a.buffer.dir=${hadoop.tmp.dir}/s3a
fs.s3a.committer.magic.enabled=false
fs.s3a.committer.name=directory
fs.s3a.committer.staging.abort.pending.uploads=true

        msgs.add("*****************************************************************");
        msgs.add("* An aggregator Mojo is already executing in parallel build,    *");
        msgs.add("* but aggregator Mojos require exclusive access to reactor to   *");
        msgs.add("* prevent race conditions. This mojo execution will be blocked  *");
        msgs.add("* until the aggregator work is done.                            *");

client application can be distributed that requests temporary security credentials without including MinIO default credentials. Instead, the identity of the caller is validated by using a JWT access token from the identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations.

By default, the temporary security credentials...

# Keycloak Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services, this document covers configuring Keycloak identity provider support with MinIO.

## Prerequisites

Configure and install keycloak server by following [Keycloak Installation Guide](https://www.keycloak.org/docs/latest/server_installation/#installing-the-software).