You can set a retention configuration on the bucket that controls how long the WORM model applies to newly uploaded objects. The former prevents any overwrites until the retention period has expired, while the later disallows overwrites until the legal hold has been removed from the object.Īs per the S3 specification, you can enable object locking on a bucket that has versioning turned on. You can either attach a retention period or legal hold to objects. S3 Object Locking enables you to store objects on MinIO using the write-once-read-many (WORM) model. So, the application using these access credentials can only read but not write to MinIO - and only from this one specific bucket. The attached policy shown above only grants read access to the my-bucket bucket. For example, when creating a new access key through the web UI, you can restrict the permissions of the access key by defining an attached IAM policy: Creating new access key with attached IAM policy Therefore, you should only grant the permissions that are required for a particular task.Īccess to S3 resources is controlled by IAM policies that are attached to the application credentials, in particular the S3 access key. You control which applications access which S3 resource on MinIO. The least privilege access principle is fundamental to the security of your MinIO deployment. Today we want to cover the MinIO best practices with respect to S3 security and access controls. Docs Blog Resources Partner Pricing Download VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKGI and how we support their Kubernetes ambitions. HDFS Migration Modernize and simplify your big data storage infrastructure with high-performance, Kubernetes-native object storage from MinIO. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores Veeam Learn how MinIO and Veeam have partnered to drive performance and scalability for a variety of backup use cases. No need to move the data, just query using SnowSQL. Snowflake Query and analyze multiple data sources, including streaming data, residing on MinIO with the Snowflake Data Cloud. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Integrations Browse our vast portfolio of integrations SQL Server Discover how to pair SQL Server 2022 with MinIO to run queries on your data on any cloud - without having to move it. Learn how MinIO is leading that effort with performance at scale. AI&ML Object storage is powering the AI revolution. Learn more about this core MinIO use case. Modern Datalakes Modern, multi-engine datalakes depend on object stores that deliver performance at scale.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |