maxmustermann/minio
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update etcd doc to clarify that any STS setup should work (#12022)

Browse source
This commit is contained in:
Aditya Manthramurthy 2021-04-08 17:30:17 -07:00 committed by GitHub
parent f0ca0b3ca9
commit 05a9108c24
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
docs/sts/etcd.md
View file

@ -41,7 +41,10 @@ minio server /data
NOTE: If `etcd` is configured with `Client-to-server authentication with HTTPS client certificates` then you need to use additional envs such as `MINIO_ETCD_CLIENT_CERT` pointing to path to `etcd-client.crt` and `MINIO_ETCD_CLIENT_CERT_KEY` path to `etcd-client.key` .
### 4. Test with MinIO STS API
Assuming that you have configured MinIO server to support STS API by following the doc [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide) and once you have obtained the JWT from KeyCloak as mentioned in [KeyCloak Configuration Guide](https://github.com/minio/minio/blob/master/docs/sts/keycloak.md).
Once etcd is configured, **any STS configuration** will work including Client Grants, Web Identity or AD/LDAP.
For example, you can configure STS with Client Grants (KeyCloak) using the guides at [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide) and [KeyCloak Configuration Guide](https://github.com/minio/minio/blob/master/docs/sts/keycloak.md). Once this is done, STS credentials can be generated:
```
go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrOWvhRWL4TUCga