mc idp ldap accesskey create

The mc idp ldap accesskey create allows you to add LDAP access key pairs.

mc idp ldap accesskey create minio/

mc [GLOBALFLAGS] idp ldap accesskey create                   \
                                 ALIAS                       \
                                 [USER]
                                 [--access-key <value>]      \
                                 [--secret-key <value>]      \
                                 [--policy <value>]          \
                                 [--name <value>]            \
                                 [--description <value>]     \
                                 [--expiry <value>]          \
                                 [--expiry-duration <value>]

Required

The alias of the AIStor deployment configured for AD/LDAP.

For example:

mc idp ldap accesskey create minio

Optional

The user for whom to create the accesskey. If not specified, the accesskey is generated for the logged in user.

Optional

An access key to use for the account. The access key cannot contain the characters = (equal sign) or , (comma).

Requires --secret-key

Optional

A secret to use for the account.

Requires --access-key

Optional

File path to the JSON-formatted policy to use for the account.

If not specified, the account uses the same policy as the authenticated user.

Optional

A human-readable name to use for the account.

Optional

Add a description for the service account. For example, you might specify the reason the access key exists.

Optional

Length of time the access key pair should remain valid for use in #d#h#s format.

For example, 7d, 24h, 5d12h30s are valid strings.

Mutually exclusive with --expiry.

Optional

The date after which the access key expires. Enter the date in YYYY-MM-DD format.

For example, to expire the credentials after December 31, 2024, enter 2024-12-31.

Mutually exclusive with --expiry-duration.

This command supports any of the global flags.

The mc commandline tool is built for compatibility with the AWS S3 API and is tested with AIStor and AWS S3 for expected functionality and behavior.

AIStor provides no guarantees for other S3-compatible services, As their S3 API implementation is unknown and therefore unsupported.

While mc commands may work as documented, any such usage is at your own risk.

The following command creates a new access key pair to use with the currently authenticated user on the minio alias. The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create minio

The following command creates a new access key pair with both an access key and secret key that you specify for the user currently authenticated on the minio alias.

mc idp ldap accesskey create minio/ --access-key my-access-key-change-me --secret-key my-secret-key-change-me

The following command creates a new access key pair to use with the currently authenticated user on the minio alias. The credentials expire after 24 hours.

The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create minio --expiry-duration 24h

The following command creates a new access key pair. The AIStor client will first ask you to log in as the user the access key is for on the AIStor site configured for LDAP at minio.example.com.

The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create minio --login minio.example.com

The following command creates a new access key pair to use with the currently authenticated user on the minio alias. The credentials expire after February 29, 2024.

The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create minio --expiry 2024-02-29

The following command creates a new access key pair for use by the user aistor-user on the aistor alias. The credentials expire after 24 hours.

mc idp ldap accesskey create aistor/ aistor-user --expiry-duration 24h