Where do I find/ create Access and Secret Keys?

jdaviescoates

I managed to do this before, but now I can't for the life of me work out how/ where I find/ create Access and Secret Keys?

Help!

robi

@jdaviescoates is it not in the latest install instructions?

jdaviescoates

@robi no, there is no mention of keys in either the first time set-up instructions nor the docs.

robi

@jdaviescoates isn't that per bucket, and hence on new bucket creation?

scooke

I believe these are under the User pane. The Access key is essentially a Username, and the Secret Key is essentially a password. If you haven't written down the Secret Key/Password when creating the User, then you can reset it by clicking on the User, then the Access Key (which is basically the username), and then on the far right clicking on Change Password.

Other than that, the only thing I've found online advises checking a config.json file - https://www.linuxhelp.com/how-to-change-access-key-and-secret-key-for-minio-on-centos-7, but I'm not sure if this refers to the Admin user, or to any User?password, Access Key/Secret Key combo that's been created. And I don't know if that config.json file is accessible in the Cloudron install (I've set mine up natively).

Good luck!

BrutalBirdie

Guys.. the doc
https://docs.cloudron.io/apps/minio/

Multi-user

MinIO supports multiple long term users in addition to default user created during server startup. New users have to added using the CLI tool. You can read the full docs here.

Install Minio CLI tool

Configure CLI tool to point to your minio installation

mc alias set myminio https://minio.cloudron.club minioadmin minioadmin --api s3v4

Create a policy file

cat > getonly.json << EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::my-bucketname/*"
      ],
      "Sid": ""
    }
  ]
}
EOF

Add the policy

mc admin policy add myminio getonly getonly.json

Add new user

mc admin user add myminio newuser password123

Set policy on user

mc admin policy set myminio getonly user=newuser

---

Another TL;DR from me.
Create a User for each Bucket.
Then create a IAM Policy for each Bucket.

Example:

rancher-local-rw IAM

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::rancher-local/*"
            ]
        }
    ]
}

The Bucket name ist rancher-local.
Now I create a user and add this IAM policy to him.

Then the access-key and secret-key ist simply username and his password

girish

@jdaviescoates Identity -> Service Accounts will give you access and secret keys. Is that what you are asking?

girish

I put this info in https://docs.cloudron.io/apps/minio/#access-keys