Minio ACL
只允许访问单个 Bucket
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:*"],
"Resource": ["arn:aws:s3:::demo/*"]
}
]
}
基于 Bucket 前缀限制访问
实现类似多租户能力
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:*"],
"Resource": ["arn:aws:s3:::demo-*"]
}
]
}
writeonly
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Resource": ["arn:aws:s3:::*"]
}
]
}
readonly
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:GetBucketLocation", "s3:GetObject"],
"Resource": ["arn:aws:s3:::*"]
}
]
}