Customer Login
Product
Multi-Cloud
MinIO for VMware Tanzu MinIO for OpenShift MinIO for SUSE Rancher MinIO for Amazon Elastic Kubernetes Service MinIO for Azure Kubernetes Service MinIO for Google Kubernetes Engine
Features
Active Active Replication Identity & Access Management Encryption Bucket & Object Immutability Bucket & Object Versioning Data Life Cycle Management & Tiering Automated Data Management Interfaces Monitoring Scalability AWS S3 Compatibility
Hybrid Cloud Object Storage Hybrid Cloud Object Storage
Overview Architecture
Baremetal Baremetal
Overview Architecture
Erasure Code Calculator Erasure Code Calculator Reference Hardware Reference Hardware
Solutions
Integrations Browse our vast portfolio of integrations VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKGI and how we support their Kubernetes ambitions. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores Veeam Learn how MinIO and Veeam have partnered to drive performance and scalability for a variety of backup use cases. Azure to AWS S3 Gateway Learn how MinIO allows Azure Blob to speak Amazon’s S3 API HDFS Migration Modernize and simplify your big data storage infrastructure with high-performance, Kubernetes-native object storage from MinIO. Teradata Discover why MinIO is the Native Object Store (NOS) of choice for at-scale Teradata deployments
Docs
MinIO Baremetal MinIO Object Storage for Baremetal Infrastructure MinIO Hybrid Cloud MinIO Object Storage for Kubernetes-Managed Private and Public Cloud Infrastructure MinIO for VMware Cloud Foundation MinIO Object Storage for VMware Cloud Foundation 4.2 MinIO Legacy Documentation Legacy Documentation for MinIO Object Storage
Blog Resources Partner Pricing Download

mc policy set

Syntax

The mc policy set command sets anonymous (i.e. unauthenticated or public) access policies for a bucket.

Buckets with anonymous policies allow clients to access the bucket contents and perform actions consistent with the specified policy without authentication.

To set anonymous bucket policies using an IAM JSON policy, use the mc policy set-json command.

The following command sets anonymous access policies for several buckets on the myminio MinIO deployment:

mc policy set upload myminio/uploads
mc policy set download myminio/downloads
mc policy set public myminio/public

Applications can perform the following operations without authentication:

  • PUT objects to myminio/uploads and myminio/public.

  • GET objects from myminio/downloads and myminio/public.

The command has the following syntax:

mc [GLOBALFLAGS] policy set PERMISSION ALIAS

  • Brackets [] indicate optional parameters.

  • Parameters sharing a line are mutually dependent.

  • Parameters seperated using the pipe | operator are mutually exclusive.

Copy the example to a text editor and modify as-needed before running the command in the terminal/shell.

Parameters

PERMISSION

Required Name of the policy to assign to the specified ALIAS. Specify one of the following values:

  • none - Disable anonymous access to the ALIAS.

  • download - Enable download-only access to the ALIAS.

  • upload - Enable upload-only access to the ALIAS.

  • public - Enable download and upload access to the ALIAS.

ALIAS

Required The full path to the bucket or bucket prefix to which the command applies the specified PERMISSION.

Specify the alias of the MinIO or other S3-compatible service and the full path to the bucket or bucket prefix. For example:

mc set public play/mybucket

Specify a bucket prefix to set the policy on only that prefix. For example, this command sets distinct anonymous bucket policies on the mybucket/downloads and mybucket/uploads prefixes:

mc set download play/mybucket/downloads
mc set upload play/mybucket/uploads

Global Flags

--debug
Optional

Enables verbose output to the console.

For example:

mc --debug COMMAND
--config-dir
Optional

The path to a JSON formatted configuration file that mc uses for storing data. See Configuration File for more information on how mc uses the configuration file.

--JSON
Optional

Enables JSON lines formatted output to the console.

For example:

mc --JSON COMMAND
--no-color
Optional

Disables the built-in color theme for console output. Useful for dumb terminals.

--quiet
Optional

Suppresses console output.

--insecure
Optional

Disables TLS/SSL certificate verification. Allows TLS connectivity to servers with invalid certificates. Exercise caution when using this option against untrusted S3 hosts.

--version
Optional

Displays the current version of mc.

--help
Optional

Displays a summary of command usage on the terminal.

Examples

Set Anonymous Policy for Bucket

Use mc policy set to set the anonymous policy for a bucket:

mc policy set POLICY ALIAS/PATH

  • Replace POLICY with a supported permission.

  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the destination bucket.

Behavior

S3 Compatibility

The mc commandline tool is built for compatibility with the AWS S3 API and is tested MinIO and AWS S3 for expected functionality and behavior.

MinIO provides no guarantees for other S3-compatible services, as their S3 API implementation is unknown and therefore unsupported. While mc commands may work as documented, any such usage is at your own risk.

This work is licensed under a Creative Commons Attribution 4.0 International License.

©2020-Present, MinIO, Inc.

Creative Commons License