Пример #1
0
user_client = Minio(
    's3.amazonaws.com',
    access_key='YOUR-ACCESSKEYID',
    secret_key='YOUR-SECRETKEY',
)

_RESTRICTED_UPLOAD_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::my-bucket/*"
      ],
      "Sid": "Upload-access-to-specific-bucket-only"
    }
  ]
}
"""

provider = AssumeRoleProvider(
    lambda: user_client.get_assume_role_creds(_RESTRICTED_UPLOAD_POLICY), )

client = Minio(
    's3.amazonaws.com',
    credentials=Credentials(provider),
)
Пример #2
0
    {
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::my-bucket/*"
      ],
      "Sid": "Upload-access-to-specific-bucket-only"
    }
  ]
} 
"""

credentials_provider = AssumeRoleProvider(
    get_assume_role_creds=lambda: client.get_assume_role_creds(
        policy=_RESTRICTED_UPLOAD_POLICY))
temp_creds = Credentials(provider=credentials_provider)

# User can access the credentials for e.g. serialization
print("Retrieved temporary credentials:")
print(temp_creds.get().access_key)
print(temp_creds.get().secret_key)

# Initialize Minio client with the temporary credentials
restricted_client = Minio('s3.amazonaws.com', credentials=temp_creds)

# Get a full object.

data = restricted_client.get_object('my-bucket', 'my-object')
with open('/tmp/testfile', 'wb') as file_data:
    for d in data.stream(32 * 1024):