Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assume Role API support #960

Merged
merged 1 commit into from
Feb 2, 2022
Merged

Assume Role API support #960

merged 1 commit into from
Feb 2, 2022

Conversation

prakashsvmx
Copy link
Member

@prakashsvmx prakashsvmx commented Aug 31, 2021
edited
Loading

Assume Role API support

Fixes #841
Fixes #928
Fixes #818

Start the server

Create user (assign no policy) - Test Error scenarios
Assign policies to test the other scenarios.

Tested with

  • MinIO Server
  • S3
Test Script 
const Arp =  require('../../dist/main/AssumeRoleProvider')
var Minio = require("../../dist/main/minio")
const _ = require('lodash')
const AssumeRoleProvider = Arp.AssumeRoleProvider


// Instantiate the minio client with the endpoint
// and access keys as shown below.
//Play instance
var minioClient = new Minio.Client({
  endPoint: 'play.min.io',
  port: 9000,
  useSSL: true,
  accessKey: 'Q3AM3UQ867SPQQA43P2F',
  secretKey: 'zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG'
})

//Local testing
minioClient = new Minio.Client({
  endPoint: 'localhost',
  port: 9000,
  useSSL: false,
  accessKey: 'minio',
  secretKey: 'minio123'
})

const file = '/home/prakash/Downloads/Temp/MinIOJSTestObjects/cardinal-points.png'
const bucketName = "sph-my-bucket"
const objectName="cardinal-points.png"
const prefix="test"
const objectNameWithPrefix = `${prefix}/${objectName}`


const getAssumeRoleCredentialsWithSet  =  async () => {
    //minioClient.traceOn()
    const withoutRole = await minioClient.statObject(bucketName,"PDT.png")
    console.log("Without role:", withoutRole)

    let ap = new AssumeRoleProvider({
        stsEndpoint:"http://127.0.0.1:9000",
        //"https://play.min.io:9000"
        accessKey: 'miniojs',
        secretKey: 'miniojs123'
    })
    await minioClient.setCredentialsProvider(ap)// `await` this is important.

    const withRole = await minioClient.statObject(bucketName,"PDT.png")
    console.log("With Role details:", withRole)

}


const getAssumeRoleInitialize  =  async () => {
  //minioClient.traceOn()
  let asRoleProvider = new AssumeRoleProvider({
    stsEndpoint:"http://127.0.0.1:9000",
    accessKey: 'miniojs',
    secretKey: 'miniojs123'

  })
    const asRoleClient= new Minio.Client({
        endPoint: 'localhost',
        port: 9000,
        useSSL: false,
        accessKey: 'miniojs',
        secretKey: 'miniojs123',
        credentialsProvider:asRoleProvider
    })

    const withRole = await asRoleClient.statObject(bucketName,"PDT.png")
    console.log("Got 1st details at::", new Date())


    setTimeout(async ()=>{
        console.log("Try Refresh Expiry...")
        const beforeExpiry = await asRoleClient.statObject(bucketName,"PDT.png")
        console.log("Got 2nd details at::", new Date(),beforeExpiry)

    }, (1*60*1000))

}

@prakashsvmx prakashsvmx self-assigned this Aug 31, 2021
@prakashsvmx prakashsvmx mentioned this pull request Aug 31, 2021
Closed
This was referenced Sep 1, 2021
Closed
Closed
@prakashsvmx prakashsvmx force-pushed the assume-role-api branch 5 times, most recently from 99b5a71 to 5c71c96 Compare October 18, 2021 05:47
@prakashsvmx prakashsvmx force-pushed the assume-role-api branch 2 times, most recently from 3c19fe1 to 88baa2f Compare December 9, 2021 08:56
@dvaldivia
Copy link

PTAL @kannappanr @kanagarajkm

@harshavardhana harshavardhana merged commit 0c4a50b into minio:master Feb 2, 2022
@prakashsvmx prakashsvmx deleted the assume-role-api branch February 10, 2022 16:53
@LEDfan LEDfan mentioned this pull request Mar 3, 2022
Closed
This was referenced Sep 1, 2022
Closed
Open
This was referenced Nov 11, 2022
Closed
Open
@prakashsvmx prakashsvmx mentioned this pull request Apr 12, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kanagarajkm kanagarajkm kanagarajkm approved these changes

@dvaldivia dvaldivia dvaldivia approved these changes

@kannappanr kannappanr Awaiting requested review from kannappanr

Assignees

@prakashsvmx prakashsvmx

Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@prakashsvmx @dvaldivia @kanagarajkm @harshavardhana