mc idp ldap accesskey create-with-login

The mc idp ldap accesskey create-with-login uses interactive terminal-based prompt to authenticate with the external AD/LDAP server and generate access keys for use with AIStor.

mc idp ldap accesskey create-with-login https://minio.example.net/

mc [GLOBALFLAGS] idp ldap accesskey create-with-login        \
                                 URL                         \
                                 [--access-key <value>]      \
                                 [--secret-key <value>]      \
                                 [--policy <value>]          \
                                 [--name <value>]            \
                                 [--description <value>]     \
                                 [--expiry <value>]          \
                                 [--expiry-duration <value>]

Required

The of an AIStor deployment configured for AD/LDAP integration.

For example:

mc idp ldap accesskey create-with-login https://minio.example.net

Optional

The access key to use once successfully authenticated. Omit to let AIStor randomly generate a value.

The access key cannot contain the characters = (equal sign) or , (comma).

Requires --secret-key

Optional

A secret key to use once successfully authenticated. Omit to let AIStor randomly generate a value.

Requires --access-key

Optional

File path to the JSON-formatted policy to use for the account. This policy _cannot_ grant additional privileges beyond the privileges associated with the authenticated AD/LDAP user.

Omit to use the AD/LDAP user policies.

Optional

A human-readable name to use for the created access key.

Optional

Create a description for the service account. For example, you might specify the reason the access key exists.

Optional

Length of time the access key pair should remain valid for use in #d#h#s format.

For example, 7d, 24h, 5d12h30s are valid strings.

Mutually exclusive with --expiry.

Optional

The date after which the access key expires. Enter the date in YYYY-MM-DD format.

For example, to expire the credentials after December 31, 2024, enter 2024-12-31.

Mutually exclusive with --expiry-duration.

This command supports any of the global flags.

The mc commandline tool is built for compatibility with the AWS S3 API and is tested with AIStor and AWS S3 for expected functionality and behavior.

AIStor provides no guarantees for other S3-compatible services, As their S3 API implementation is unknown and therefore unsupported.

While mc commands may work as documented, any such usage is at your own risk.

The following command creates a new access key pair to use with the currently authenticated user on the minio alias. The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create-with-login https://minio.example.net

The following command creates a new access key pair with both an access key and secret key that you specify for the user currently authenticated on the minio alias.

mc idp ldap accesskey create-with-login https://minio.example.net/ --access-key my-access-key-change-me --secret-key my-secret-key-change-me

The following command creates a new access key pair to use with the currently authenticated user on the minio alias. The credentials expire after 24 hours.

The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create-with-login https://minio.example.net --expiry-duration 24h

The following command creates a new access key pair to use with the currently authenticated user on the minio alias. The credentials expire after February 28, 2025.

The command outputs a randomly generated access key and secret key.

mc idp ldap accesskey create-with-login https://minio.example.net --expiry 2025-02-28