taran-p
commented
3 months ago Would the inability to delete STS access keys be an issue with listing them together?
Closed harshavardhana closed 2 months ago
taran-p
commented
3 months ago Would the inability to delete STS access keys be an issue with listing them together?
donatello
commented
3 months ago Also sts keys need tokens so I think there should be an indication like a type so that users don't go looking for them in apps or scripts (for an audit for example).
harshavardhana
commented
3 months ago Fundamentally they are all the same from an API point of view, the idea here is just to show them a hint. Adding an sts tag might be okay let me see if I can add it cleanly.
The current UI is quite wrong we need to address it.
harshavardhana
commented
2 months ago Would the inability to delete STS access keys be an issue with listing them together?
The API has no contract which requires that all access keys be allowed to be deleted. Service Accounts is our extended implementation in MinIO. AWS STS credentials do not have such a feature, so in MinIO, we didn't implement a DELETE behavior for them, either.
harshavardhana
commented
2 months ago Added STS differentiation
Community Contribution License
All community contributions in this pull request are licensed to the project maintainers under the terms of the Apache 2 license. By creating this pull request I represent that I have the right to license the contributions to the project maintainers under the Apache 2 license.
Description
combine STS, SVC accounts into access keys with or without expiration
Motivation and Context
from an end-user point of view, they are no different
How to test this PR?
Configure LDAP and perform all the necessary activities to create accounts with or without expiration. Then, observe the pretty printed output.
Types of changes
Checklist:
commit-idorPR #here)