Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request - Service Account extra attributes #580

Open
caiodelgadonew opened this issue Aug 16, 2024 · 2 comments
Open

Feature Request - Service Account extra attributes #580

caiodelgadonew opened this issue Aug 16, 2024 · 2 comments

Comments

@caiodelgadonew
Copy link

Support extra attributes on minio_iam_service_account

In mc/mcli binary there's some extra options over the svcacct command like the following

FLAGS:
  --access-key value            set an access key for the service account
  --secret-key value            set a secret key for the service account
  --policy value                path to a JSON policy file
  --name value                  friendly name for the service account
  --description value           description for the service account
  --expiry value                time of expiration for the service account
  --config-dir value, -C value  path to configuration folder (default: "/home/caiodelgado/.mcli") [$MC_CONFIG_DIR]
  --quiet, -q                   disable progress bar display [$MC_QUIET]
  --disable-pager, --dp         disable mc internal pager and print to raw stdout [$MC_DISABLE_PAGER]
  --no-color                    disable color theme [$MC_NO_COLOR]
  --json                        enable JSON lines formatted output [$MC_JSON]
  --debug                       enable debug output [$MC_DEBUG]
  --resolve value               resolves HOST[:PORT] to an IP address. Example: minio.local:9000=10.10.75.1 [$MC_RESOLVE]
  --insecure                    disable SSL certificate verification [$MC_INSECURE]
  --limit-upload value          limits uploads to a maximum rate in KiB/s, MiB/s, GiB/s. (default: unlimited) [$MC_LIMIT_UPLOAD]
  --limit-download value        limits downloads to a maximum rate in KiB/s, MiB/s, GiB/s. (default: unlimited) [$MC_LIMIT_DOWNLOAD]

I would like to be able to set the access_key, name and description of the service account.

Example

resource "minio_iam_service_account" "sa_user" {
  target_user = "minio-user"
  access_key = "minio-user-prod"
  name  = "Minio User"
  description = "User account for minio prod, used by app XPTO"
}

Reference mcli command

$ mcli admin user svcacct add md minio-user --access-key minio-prod --name "Minio User" --description "User account for minio prod, used by app XPTO" 

Access Key: minio-prod
Secret Key: qqwWabcdEzyuXXSZJIabcdNMRP6jsHbv57abcdxN0
Expiration: no-expiry

CleanShot 2024-08-16 at 16 17 47

Not sure if this would be hard to implement, but it would be very nice to have this possibility of configuration.
@Pompermaier
Copy link

Pompermaier commented Oct 1, 2024
edited
Loading

It would be more usefull if it also create more than one additional access-keys including access key value itself as optional, expiry, name, description and comments.

@SoulKyu
Copy link
Contributor

SoulKyu commented Nov 12, 2024

I think it has been implemented in : #594

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Pompermaier @SoulKyu @caiodelgadonew