## 📝 Author
Birat Aryal — birataryal.github.io
Created Date: 2025-06-30
Updated Date: Monday 30th June 2025 21:09:42
Website - birataryal.com.np
Repository - Birat Aryal
LinkedIn - Birat Aryal
DevSecOps Engineer | System Engineer | Cyber Security Analyst | Network Engineer
📄 MinIO Policy: Full Access to cmtprojectfiles Bucket
This document describes a MinIO IAM policy that grants full access to the cmtprojectfiles bucket using MinIO's S3-compatible policy language.
🔐 Policy Purpose
This policy allows a user to:
- View the bucket location and list its contents.
- Upload (PutObject), download (GetObject), and delete (DeleteObject) files within the bucket.
📁 Target Bucket
Bucket Name: cmtprojectfiles
📜 JSON Policy Definition
Filename: fullaccess-cmtProjectFiles.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::cmtprojectfiles"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::cmtprojectfiles/*"
}
]
}
🛠️ How to Apply This Policy Using mc
1. Save the policy as a JSON file
nano fullaccess-cmtProjectFiles.json
# Paste the above policy JSON and save
2. Add the policy to MinIO
mc alias set localmino http://<minio-server>:9000 <ACCESS_KEY> <SECRET_KEY>
mc admin policy add localmino fullaccess-cmtProjectFiles ./fullaccess-cmtProjectFiles.json
3. Assign the policy to a user
mc admin user add localmino uploader1 P@ssword123 # Optional: add user if not created
mc admin policy set localmino fullaccess-cmtProjectFiles user=uploader1
✅ Result
The user uploader1 will now be able to:
-
List and view contents of the
cmtprojectfilesbucket. -
Upload new files to it.
-
Download any file within the bucket.
-
Delete files within the bucket.