Add ability to use IAM instead of keypair
Signed-off-by: Sergey Shevchenko <sergeyshevchdevelop@gmail.com>
This commit is contained in:
Sergey Shevchenko
Lena Fuhrimann
parent
c077332721
commit
f60b7811fd
2 changed files with 27 additions and 10 deletions
|
|
@ -24,14 +24,16 @@ The application can be configured with the following environment variables:
|
|||
|
||||
- `ENDPOINT`: The endpoint of your S3 server (defaults to `s3.amazonaws.com`)
|
||||
- `REGION`: The region of your S3 server (defaults to `""`)
|
||||
- `ACCESS_KEY_ID`: Your S3 access key ID (required)
|
||||
- `SECRET_ACCESS_KEY`: Your S3 secret access key (required)
|
||||
- `ACCESS_KEY_ID`: Your S3 access key ID (required) (works only is `USE_IAM` is `false`)
|
||||
- `SECRET_ACCESS_KEY`: Your S3 secret access key (required) (works only is `USE_IAM` is `false`)
|
||||
- `USE_SSL`: Whether your S3 server uses SSL or not (defaults to `true`)
|
||||
- `SKIP_SSL_VERIFICATION`: Whether the HTTP client should skip SSL verification (defaults to `false`)
|
||||
- `PORT`: The port the s3manager app should listen on (defaults to `8080`)
|
||||
- `ALLOW_DELETE`: Enable buttons to delete objects (defaults to `true`)
|
||||
- `FORCE_DOWNLOAD`: Add response headers for object downloading instead of opening in a new tab (defaults to `true`)
|
||||
- `LIST_RECURSIVE`: List all objects in the bucket recursively (defaults to `false`)
|
||||
- `USE_IAM`: Use IAM role instead of key pair (defaults to `false`)
|
||||
- `IAM_ENDPOINT`: Endpoint for IAM role retrieving (Can be blank for AWS)
|
||||
|
||||
### Build and Run Locally
|
||||
|
||||
|
|
|
|||
21
main.go
21
main.go
|
|
@ -22,20 +22,30 @@ import (
|
|||
var templateFS embed.FS
|
||||
|
||||
func main() {
|
||||
var (
|
||||
accessKeyID, secretAccessKey, iamEndpoint string
|
||||
)
|
||||
|
||||
viper.AutomaticEnv()
|
||||
|
||||
viper.SetDefault("ENDPOINT", "s3.amazonaws.com")
|
||||
endpoint := viper.GetString("ENDPOINT")
|
||||
|
||||
accessKeyID := viper.GetString("ACCESS_KEY_ID")
|
||||
useIam := viper.GetBool("USE_IAM")
|
||||
|
||||
if useIam {
|
||||
iamEndpoint = viper.GetString("IAM_ENDPOINT")
|
||||
} else {
|
||||
accessKeyID = viper.GetString("ACCESS_KEY_ID")
|
||||
if len(accessKeyID) == 0 {
|
||||
log.Fatal("please provide ACCESS_KEY_ID")
|
||||
}
|
||||
|
||||
secretAccessKey := viper.GetString("SECRET_ACCESS_KEY")
|
||||
secretAccessKey = viper.GetString("SECRET_ACCESS_KEY")
|
||||
if len(secretAccessKey) == 0 {
|
||||
log.Fatal("please provide SECRET_ACCESS_KEY")
|
||||
}
|
||||
}
|
||||
|
||||
region := viper.GetString("REGION")
|
||||
|
||||
|
|
@ -64,9 +74,14 @@ func main() {
|
|||
|
||||
// Set up S3 client
|
||||
opts := &minio.Options{
|
||||
Creds: credentials.NewStaticV4(accessKeyID, secretAccessKey, ""),
|
||||
Secure: useSSL,
|
||||
}
|
||||
if useIam {
|
||||
opts.Creds = credentials.NewIAM(iamEndpoint)
|
||||
} else {
|
||||
opts.Creds = credentials.NewStaticV4(accessKeyID, secretAccessKey, "")
|
||||
}
|
||||
|
||||
if region != "" {
|
||||
opts.Region = region
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue