You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Minio supports the STS api, enabling users possessing a valid oidc access_token (or id_token) to obtain a temporary set of credentials, which can then be used for regular S3 access.
The API expects a token as input, and returns a set of <AccessKeyId>,<SecretAccessKey>,<SessionToken>, valid until <Expiration>.
My proposal is to implement a new type of resource, called minio_sts_key which will support the Create action taking in input the required parameters and then enrich the resource with the newly obtained credentials.
Description
Minio supports the STS api, enabling users possessing a valid oidc
access_token(orid_token) to obtain a temporary set of credentials, which can then be used for regular S3 access.The API expects a token as input, and returns a set of
<AccessKeyId>,<SecretAccessKey>,<SessionToken>, valid until<Expiration>.My proposal is to implement a new type of resource, called
minio_sts_keywhich will support the Create action taking in input the required parameters and then enrich the resource with the newly obtained credentials.Ref.
https://github.com/minio/minio/blob/master/docs/sts/web-identity.md
Additional Information
I can contribute a proof-of-concept implementation. See scc-digitalhub@1528ded
The text was updated successfully, but these errors were encountered: