Documentation

mc admin policy create

Creates a new policy on the target MinIO deployment.

MinIO deployments include the following built-in policies by default:

Consider the following JSON policy document saved at a file called /tmp/listmybuckets.json:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "s3:ListAllMyBuckets"
         ],
         "Resource": [
            "arn:aws:s3:::*"
         ]
      }
   ]
}

The following command creates a new policy called listmybuckets on the alias myminio using the policy found at the file /tmp/listmybuckets.json.

mc admin policy create myminio listmybuckets /tmp/listmybuckets.json

The command has the following syntax:

mc admin policy create     \
                TARGET     \
                POLICYNAME \
                POLICYPATH
  • Brackets [] indicate optional parameters.

  • Parameters sharing a line are mutually dependent.

  • Parameters separated using the pipe | operator are mutually exclusive.

Copy the example to a text editor and modify as-needed before running the command in the terminal/shell.

The mc admin policy create command accepts the following arguments:

The alias of a configured MinIO deployment on which to add the new policy.

The name of the policy to add.

Specifying the name of an existing policy overwrites that policy on the TARGET MinIO deployment.

The file path of the policy to add. The file must be a JSON-formatted file with IAM-compatible syntax and no more than 2048 characters.

This command supports any of the global flags.

Create a new policy called writeonly from the JSON file at /tmp/writeonly.json on the deployment at the alias myminio.

mc admin policy create myminio writeonly /tmp/writeonly.json