bla

2024-11-29 10:30:05 +01:00 · 2024-11-29 10:30:05 +01:00 · 6d82d1e5b0
commit 6d82d1e5b0
parent 99d196a891
2 changed files with 117 additions and 0 deletions
--- a/s3/minio-create-bucket.sh
+++ b/s3/minio-create-bucket.sh
@ -0,0 +1,72 @@
 #!/bin/bash
 # MinIO server endpoints
 MINIO_URL="https://s3.intra.lila.network"
 MINIO_ADMIN_URL="https://s3-admin.intra.lila.network"
 # Generate random bucket name
 echo "Input name of new bucket:"
 read BUCKET_NAME
 POLICY_FILE=$(mktemp)
 # Generate access and secret key for the new user
 #ACCESS_KEY="$BUCKET_NAME-user"
 #SECRET_KEY=$(openssl rand -base64 42)
 # Create the bucket
 #mc alias set myminio $MINIO_URL $ADMIN_ACCESS_KEY $ADMIN_SECRET_KEY --insecure
 mc mb "minio/$BUCKET_NAME"
 # Create policy for the bucket allowing full access to the new user
 cat <<EOF > "$POLICY_FILE"
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::$BUCKET_NAME"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject"
      ],
      "Resource": [
        "arn:aws:s3:::$BUCKET_NAME/*"
      ]
    }
  ]
 }
 EOF
 # Add new user with the generated keys
 #mc admin user add minio $ACCESS_KEY $SECRET_KEY
 # Apply the policy to the new user
 #mc admin policy create minio $BUCKET_NAME-policy $POLICY_FILE
 #mc admin policy attach minio $BUCKET_NAME-policy user=$ACCESS_KEY
 mc admin accesskey create minio/ --name "$BUCKET_NAME-ak" --description "autogenerateed by minio-create-bucket" --policy "$POLICY_FILE"
 # Output the details
 #echo ""
 #echo "------------------------------------"
 #echo "Bucket Name: $BUCKET_NAME"
 #echo "Access Key:  $ACCESS_KEY"
 #echo "Secret Key:  $SECRET_KEY"
 #echo "------------------------------------"
 # Clean up policy file
 rm -f "$POLICY_FILE"
--- a/s3/newS3AccessPolicy.sh
+++ b/s3/newS3AccessPolicy.sh
@ -0,0 +1,45 @@
 #!/bin/bash
 echo "Input user ARN: "
 read userArn
 echo ""
 echo "Input bucket ARN: "
 read bucketArn 
 echo ""
 echo ""
 cat << EOF
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": [
        "$bucketArn",
        "$bucketArn/*"
      ],
      "Principal": {
        "AWS": [
          "$userArn"
        ]
      }
    },
    {
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Principal": {
        "AWS": [
          "$userArn"
        ]
      }
    }
  ]
 }
 EOF