3

I have got a question about minio or s3 policy. I am using a stand-alone minio server for my project. Here is the situation :

  • There is only one admin account that receives files and uploads them to minio server.
  • My Users need to access just their own uploaded objects. I mean another user is not supposed to see other people's object publicly (e.g. by visiting direct link in URL).
  • Admin users are allowed to see all objects in any circumstances.

1. How can i implement such policies for my project considering i have got my database for user authentication and how can i combine them to authenticate the user.

2. If not what other options do i have here to ease the process ?

Severin Alice
  • 61
  • 8

1 Answers1

1

Communicate with your storage through the application. Do policy checks, authentication or authorization in the app and store/grab files to/from storage and make the proper response. I guess this is the only way you can have limitation on uploading/downloading files using Minio. If you're using a framework like Laravel built in S3 driver works perfectly with Minio; Otherwise it's just matter of a HTTP call. Minio provides HTTP APIs.

Majid Akbari
  • 190
  • 2
  • 10