Product
Overview
What is AIStor?
Features
Replication Replication Console Console Cache Cache Encryption Encryption Versioning Versioning Observability Observability Object Immutability Object Immutability Key Management Server Key Management Server S3 Compatibility S3 Compatibility Identity + Access Mgt Identity + Access Mgt Catalog Catalog Object Prompt Object Prompt Lifecycle Lifecycle Firewall Firewall AIHub AIHub
Tools
Erasure Code Calculator Erasure Code Calculator Determine your raw and usable capacity across a range of erasure coding settings. Reference Hardware Reference Hardware MinIO’s recommended Configuration and reference hardware for building large scale data infrastructure.
Solutions
AI Storage Learn how MinIO is leading the AI storage market from its exclusive features to performance at scale. HDFS Migration Modernize and simplify your big data storage infrastructure with cloud native storage with AIStor. Snowflake Learn how to leverage Snowflake external tables to query data without having to move it.
Integrations Integrations with MinIO Browse our expansive list of
integrations with links to the relevant
documentation.
Veeam Learn how MinIO and Veeam have partnered deliver superior RTO and RPO. Modern Datalakes Learn how modern, multi-engine data lakeshouses depend on MinIO's AIStor. Equinix Repatriate your data onto the cloud you control with MinIO and Equinix. SQL Server Learn how to leverage SQL Server 2022 with MinIO to run queries on your data without having to move it. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Hybrid Cloud Learn how enterprises use MinIO to build AI data infrastructure that runs on any cloud - public, private or colo. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions.
Open Source
Github Community Explore, experiment, ask questions and contribute. Docs Development guides. Slack Channel Open Forum for discussing topics related to MinIO.
Download MinIO Object Store Get MinIO's open source server, client, and SDK.
Resources
Resources Home Browse our library of white papers, solution briefs, benchmarks and videos. Blog Product updates, company news, and educational content. Training Learn the MinIO Way and Become a Data Infrastructure Expert.
Events Join us to take advantage to meet with MinIO partners, employees, and subject-matter experts.
Partner Pricing Login Download

Documentation

MinIO Object Storage for Linux

mc admin policy entities

Syntax

List the entities associated with a policy, user, or group on a target MinIO deployment.

Changed in version RELEASE.2023-05-27T05-56-19Z: This command only returns minio-managed users and groups.

To list entities associated with an Active Directory or LDAP (AD/LDAP) configuration, use mc idp ldap policy entities.

For example, you can list all of the users and groups attached to a policy or list all of the policies attached to a specific user or group.

The following command returns a list of the policies associated with the user bob on the deployment at alias myminio.

mc admin policy entities myminio/ --user bob

The command has the following syntax:

mc admin policy entities         \
                TARGET           \
                [--user value]   \
                [--group value]  \
                [--policy value]

  • Brackets [] indicate optional parameters.

  • Parameters sharing a line are mutually dependent.

  • Parameters separated using the pipe | operator are mutually exclusive.

Copy the example to a text editor and modify as-needed before running the command in the terminal/shell.

Important

This command is intended for managing policy associations for MinIO-managed users only.

For managing policies to OpenID-managed users, see OpenID Connect Access Management.

For viewing policies for Active Directory/LDAP users or groups, use mc idp ldap policy entities.

Parameters

The mc admin policy entities command accepts the following arguments:

TARGET
Required

The alias of a configured MinIO deployment on which to add the new policy.

--group
Optional

The name of the group identity for which you want to list attached policies.

You may include multiple groups by repeating the flag multiple times. The command returns each group with a list of associated entities.

--policy
Optional

The name of a policy for which to list associated entities.

You may include multiple policies by repeating the flag multiple times. The command returns each policy with a list of all associated entities.

--user
Optional

The username of the identity for which you want to list attached policies.

You may include multiple users by repeating the flag multiple times. The command returns each user with a list of associated policies.

Global Flags

This command supports any of the global flags.

Examples

List all entities and policy associations for a deployment

The following command lists all policies and the entity mappings associated with them on the deployment at alias myminio.

mc admin policy entities myminio/

List entities associated with two different policies

The following command lists all entities associated with the policies inteam-policy and mlteam-policy on the deployment at alias myminio.

mc admin policy entities myminio/ --policy finteam-policy --policy mlteam-policy

List policies associated with two different users

The following command lists all policies associated with the users bob and james on the deployment at alias myminio.

The command outputs the list of policies associated with bob then the list of policies associated with james on the deployment at alias myminio.

mc admin policy entities myminio/ --user bob --user james

List policies associated with two different groups

The following command lists all policies associated with the groups auditors and accounting on the deployment at alias myminio.

The command outputs the list of policies associated with the group auditors then the list of policies associated with the group accounting on the deployment at alias myminio.

mc admin policy entities play/ --group auditors --group accounting

List policies associated with a policy, a group, and a user

The following command lists all policies associated with the policy finteam-policy, the user bobfisher, and the group consulting on the deployment at alias myminio.

The command outputs the list of groups and users associated with the policy finteam-policy, then lists the policies associated with the user bobfisher, and finally lists the policies associated with the group consulting on the deployment at alias myminio.

mc admin policy entities play/ \
           --policy finteam-policy --user bobfisher --group consulting

Output

The output of the commands resembles the following:

Query time: 2023-04-04T20:39:27Z
  Policy -> Entity Mappings:
    Policy: finteam-policy
      User Mappings:
        bobfisher
    Policy: diagnostics
      User Mappings:
        james
        bobfisher
        marcia
      Group Mappings:
        consulting
        auditors
  User -> Policy Mappings:
    User: bobfisher
      ALLOW_PUBLIC_READ
      finteam-policy
      diagnostics
      readonly
      readwrite
      writeonly
This work is licensed under a Creative Commons Attribution 4.0 International License. 2020-Present, MinIO, Inc. Creative Commons License