You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have configured properly a SSL setup for the minio server.
We have a simply apache reverse proxy in front of the minio server (+ console) which handles the SSL termination.
The proxy does locally communicate with HTTP with the minio server, however that shouldn't affect the aws:SecureTransport context var.
It should be set to true, as long as the MINIO_SERVER_URL starts with https. Our url looks like this : https://<server>:9000. The MINIO_BROWSER_REDIRECT_URL looks the same just no portnumber at the end (443).
Given the "only SSL" IAM Policy below it fails to properly work, which leads to my understanding
Expected Behavior
When setting the following policy, I expect to be able to access all buckets regularly, given I have the proper SSL setup. Meaning the aws:SecureTransport variable should always be set true.
When enabling that policy for a user it false denies all s3 access / rights.
Any idea how to progress with debugging or analyzing the problem ? I don't know how to actually check the s3 context keys.
Your Environment
MinIO version used (minio --version): minio version RELEASE.2024-02-06T21-36-22Z (commit-id=980fb5e2ab3674287207c9388bb8fda7a142cc64)
Runtime: go1.21.6 linux/amd64
Server setup and configuration: Linux Ubuntu Server 22.02
The text was updated successfully, but these errors were encountered:
UKFr-DIZ
changed the title
Minio SSL only policy doesn't work with minio SSL setup
S3 key "aws:SecureTransport" isn't properly set with Minio SSL Setup
May 15, 2024
Hi,
I have configured properly a SSL setup for the minio server.
We have a simply apache reverse proxy in front of the minio server (+ console) which handles the SSL termination.
The proxy does locally communicate with HTTP with the minio server, however that shouldn't affect the
aws:SecureTransport
context var.console/api/user_session.go
Line 112 in 649c3d7
It should be set to true, as long as the
MINIO_SERVER_URL
starts withhttps
. Our url looks like this :https://<server>:9000
. TheMINIO_BROWSER_REDIRECT_URL
looks the same just no portnumber at the end (443).Given the "only SSL" IAM Policy below it fails to properly work, which leads to my understanding
Expected Behavior
When setting the following policy, I expect to be able to access all buckets regularly, given I have the proper SSL setup. Meaning the
aws:SecureTransport
variable should always be set true.Current Behavior
When enabling that policy for a user it false denies all s3 access / rights.
Any idea how to progress with debugging or analyzing the problem ? I don't know how to actually check the s3 context keys.
Your Environment
minio --version
): minio version RELEASE.2024-02-06T21-36-22Z (commit-id=980fb5e2ab3674287207c9388bb8fda7a142cc64)Runtime: go1.21.6 linux/amd64
The text was updated successfully, but these errors were encountered: