diff --git a/s3/minio-create-bucket.sh b/s3/minio-create-bucket.sh
new file mode 100644
index 0000000..392abb5
--- /dev/null
+++ b/s3/minio-create-bucket.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+
+# MinIO server endpoints
+MINIO_URL="https://s3.intra.lila.network"
+MINIO_ADMIN_URL="https://s3-admin.intra.lila.network"
+
+# Generate random bucket name
+echo "Input name of new bucket:"
+read BUCKET_NAME
+
+POLICY_FILE=$(mktemp)
+
+# Generate access and secret key for the new user
+#ACCESS_KEY="$BUCKET_NAME-user"
+#SECRET_KEY=$(openssl rand -base64 42)
+
+# Create the bucket
+#mc alias set myminio $MINIO_URL $ADMIN_ACCESS_KEY $ADMIN_SECRET_KEY --insecure
+mc mb "minio/$BUCKET_NAME"
+
+# Create policy for the bucket allowing full access to the new user
+cat < "$POLICY_FILE"
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Action": [
+ "s3:GetBucketLocation",
+ "s3:ListBucket"
+ ],
+ "Resource": [
+ "arn:aws:s3:::$BUCKET_NAME"
+ ]
+ },
+ {
+ "Effect": "Allow",
+ "Action": [
+ "s3:GetObject",
+ "s3:PutObject",
+ "s3:DeleteObject"
+ ],
+ "Resource": [
+ "arn:aws:s3:::$BUCKET_NAME/*"
+ ]
+ }
+ ]
+}
+EOF
+
+
+# Add new user with the generated keys
+#mc admin user add minio $ACCESS_KEY $SECRET_KEY
+
+# Apply the policy to the new user
+#mc admin policy create minio $BUCKET_NAME-policy $POLICY_FILE
+#mc admin policy attach minio $BUCKET_NAME-policy user=$ACCESS_KEY
+
+
+
+mc admin accesskey create minio/ --name "$BUCKET_NAME-ak" --description "autogenerateed by minio-create-bucket" --policy "$POLICY_FILE"
+
+# Output the details
+#echo ""
+#echo "------------------------------------"
+#echo "Bucket Name: $BUCKET_NAME"
+#echo "Access Key: $ACCESS_KEY"
+#echo "Secret Key: $SECRET_KEY"
+#echo "------------------------------------"
+
+# Clean up policy file
+rm -f "$POLICY_FILE"
diff --git a/s3/newS3AccessPolicy.sh b/s3/newS3AccessPolicy.sh
new file mode 100755
index 0000000..13ab767
--- /dev/null
+++ b/s3/newS3AccessPolicy.sh
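Review bot: In s3/minio-create-bucket.sh the name read into `BUCKET_NAME` is used unchecked in `mc mb` and in both `Resource` ARNs of the policy, and because nothing stops the script when `mc mb` fails, `mc admin accesskey create` still runs with whatever was typed. A name containing `*` or `"` would presumably be rejected by `mc mb`, yet it would still widen or break the policy attached to the new access key. I would validate the name right after the prompt, enable `set -euo pipefail`, and remove the temp file from an EXIT trap so it is cleaned up on failure too, as in the excerpt below. The comment `# Generate random bucket name` no longer matches the code, which reads the name from the user, and the `--description` string has a typo (`autogenerateed`). As shown on this page the heredoc opener reads `cat < "$POLICY_FILE"` although an `EOF` terminator follows; if that is what was committed rather than a rendering artefact, it should be `cat <<EOF > "$POLICY_FILE"`.

```shell
set -euo pipefail
# … unchanged: endpoint variables, prompt …
read -r BUCKET_NAME
# S3 bucket names: 3-63 chars, lowercase letters, digits, dots and hyphens.
if [[ ! "$BUCKET_NAME" =~ ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$ ]]; then
  echo "invalid bucket name: $BUCKET_NAME" >&2
  exit 1
fi

POLICY_FILE=$(mktemp)
trap 'rm -f -- "$POLICY_FILE"' EXIT
# … unchanged: mc mb, policy heredoc, mc admin accesskey create …
```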
@@ -0,0 +1,45 @@
+#!/bin/bash
+echo "Input user ARN: "
+read userArn
+
+echo ""
+
+echo "Input bucket ARN: "
+read bucketArn
+
+echo ""
+echo ""
+
+
+cat << EOF
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Action": "s3:*",
+ "Effect": "Allow",
+ "Resource": [
+ "$bucketArn",
+ "$bucketArn/*"
+ ],
+ "Principal": {
+ "AWS": [
+ "$userArn"
+ ]
+ }
+ },
+ {
+ "Action": [
+ "s3:ListAllMyBuckets"
+ ],
+ "Effect": "Allow",
+ "Resource": "*",
+ "Principal": {
+ "AWS": [
+ "$userArn"
+ ]
+ }
+ }
+ ]
+}
+EOF
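Review bot: The first statement in s3/newS3AccessPolicy.sh grants `"Action": "s3:*"` on the bucket and its objects, which also covers bucket-administration actions such as deleting the bucket or replacing its policy. minio-create-bucket.sh in this same commit limits its policy to `s3:GetBucketLocation`, `s3:ListBucket`, `s3:GetObject`, `s3:PutObject` and `s3:DeleteObject`, and the same list would fit here unless full control is intended. `userArn` and `bucketArn` are pasted into the JSON unchecked, so an empty or wildcard principal yields a policy that is not tied to one user; I would switch to `read -r` and add a guard before the heredoc such as `[[ -n "$userArn" && "$userArn" != *[\"*]* ]] || { echo "invalid principal" >&2; exit 1; }`, with the same check for `bucketArn`. The second statement pairs a `Principal` with `"Resource": "*"` for `s3:ListAllMyBuckets`, which a bucket-scoped policy may not accept, so that is worth confirming against the target service.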