{"id":22423832,"url":"https://github.com/statcan/vault-plugin-secrets-minio","last_synced_at":"2025-08-01T07:32:32.079Z","repository":{"id":65150745,"uuid":"259759967","full_name":"StatCan/vault-plugin-secrets-minio","owner":"StatCan","description":"Vault plugin which will provision multi-user keys for Minio","archived":false,"fork":false,"pushed_at":"2021-02-18T16:41:00.000Z","size":34,"stargazers_count":11,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-12-03T17:06:57.221Z","etag":null,"topics":["aaw","daaas","kubernetes","minio","vault","vault-plugin"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/StatCan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-04-28T21:53:08.000Z","updated_at":"2024-07-31T13:34:59.000Z","dependencies_parsed_at":"2023-01-02T04:32:47.976Z","dependency_job_id":null,"html_url":"https://github.com/StatCan/vault-plugin-secrets-minio","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatCan%2Fvault-plugin-secrets-minio","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatCan%2Fvault-plugin-secrets-minio/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatCan%2Fvault-plugin-secrets-minio/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatCan%2Fvault-plugin-secrets-minio/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StatCan","download_url":"https://codeload.github.com/StatCan/vault-plugin-secrets-minio/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228348342,"owners_count":17905899,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aaw","daaas","kubernetes","minio","vault","vault-plugin"],"created_at":"2024-12-05T18:13:12.617Z","updated_at":"2024-12-05T18:13:13.317Z","avatar_url":"https://github.com/StatCan.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# vault-plugin-secrets-minio\n\nThis is a plugin for [HashiCorp Vault][vault] which will provision multi-user keys for the [Minio object storage][minio] server.\n\n## Usage\n\nOnce the plugin is registered with your vault instance, you can enable it on a particular path:\n\n```sh\nvault secrets enable \\\n  -path=minio \\\n  -plugin-name=vault-plugin-secrets-minio \\\n  -description=\"Instance of the Minio plugin\" \\\n  plugin\n```\n\n### Configuration\n\nIn order to configure the plugin instance, you must supply it with your Minio endpoint, the access key ID, and the secret access key for the Minio initial user.\n\n```sh\nvault write minio/config \\\n  endpoint=\u003cminio ip\u003e:\u003cminio port\u003e \\\n  accessKeyId=\u003cminio access key ID\u003e \\\n  secretAccessKey=\u003cminio secret access key\u003e \\\n  useSSL=\u003ctrue|false\u003e\n```\n\nYou can read the current configuration:\n\n```sh\nvault read minio/config\n```\n\n### Roles\n\nBefore you can issue keys, you must define a role. A role defines the policy which will be applied to the newly created user, and a name prefix for the key.\n\n```sh\nvault write minio/roles/example-role \\\n  policy=\u003cexisting minio policy name\u003e\n  user_name_prefix=\u003cuser name prefix\u003e\n```\n\nThe `\u003cuser name prefix\u003e` is prefixed to the Vault request id for a key request, and defaults to an empty string. Having the Vault request id as the latter part of the name allows you to trace the key issuer via the Vault audit log. You may also optionally supply a `default_ttl` and `max_ttl` which will apply to the lease created by this role.\n\n```sh\nvault read minio/roles/example-role\n```\n\nReturns the configuration for a particular role.\n\n```sh\nvault list minio/roles\n```\n\nLists all configured roles.\n\n### Provisioning keys\n\n```sh\nvault read minio/keys/example-role\n```\n\nReturns the accessKeyId, secretAccessKey, policy and account status for the newly generated key.\n\n## Acknowledgements\n\nLeverages and builds upon the amazing work done by [Kula][kula]\n\n[kula]:       https://github.com/kula/vault-plugin-secrets-minio\n[vault]:      https://vaultproject.io\n[minio]:      https://minio.io\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstatcan%2Fvault-plugin-secrets-minio","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstatcan%2Fvault-plugin-secrets-minio","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstatcan%2Fvault-plugin-secrets-minio/lists"}