Errorf - formats according to a format specifier and returns the string as a value that satisfies error of type policy.Error.

GetPoliciesFromClaims returns the list of policies to be applied for this incoming request, extracting the information from input JWT claims.

GetValuesFromClaims returns the list of values for the input claimName.

MergePolicies merges all the given policies into a single policy dropping any duplicate statements.

NewActionSet - creates new action set.

NewBPStatement - creates new statement.

NewBPStatementWithNotAction - creates new statement with NotAction.

NewPrincipal - creates new Principal.

NewResource - creates new resource.

NewResourceSet - creates new resource set.

NewStatement - creates new statement.

NewStatementWithNotAction - creates new statement with NotAction.

ParseBucketPolicyConfig - parses data in given reader to Policy.

ParseConfig - parses data in given reader to Iamp.

AbortMultipartUploadAction - AbortMultipartUpload Rest API action.

AddUserToGroupAdminAction - allow adding user to group permission.

AllActions - all API actions.

AllAdminActions - provides all admin permissions.

AllKMSActions - provides all admin permissions.

Allow - allow effect.

AllSTSActions - select all STS actions.

AssumeRoleWithWebIdentityAction - STS action for AssumeRoleWithWebIdentity call.

AttachPolicyAdminAction - allows attaching a policy to a user/group.

BandwidthMonitorAction - allow monitoring bandwidth usage.

BypassGovernanceRetentionAction - bypass governance retention for PutObjectRetention, PutObject and DeleteObject Rest API action.

CancelBatchJobAction allow canceling a batch job.

ConfigUpdateAdminAction - allow MinIO config management.

ConsoleLogAdminAction - allow listing console logs on terminal.

CreateBucketAction - CreateBucket Rest API action.

CreatePolicyAdminAction - allow create policy permission.

CreateServiceAccountAdminAction - allow create a service account for a user.

CreateUserAdminAction - allow creating MinIO user.

DataUsageInfoAdminAction - allow listing data usage info.

DecommissionAdminAction - allows decomissioning of pools.

DefaultVersion - default policy version as per AWS S3 specification.

DeleteBucketAction - DeleteBucket Rest API action.

DeleteBucketPolicyAction - DeleteBucketPolicy Rest API action.

DeleteObjectAction - DeleteObject Rest API action.

DeleteObjectTaggingAction - Delete Object Tags API action.

DeleteObjectVersionAction - DeleteObjectVersion Rest API action.

DeleteObjectVersionTaggingAction - DeleteObjectVersionTagging Rest API action.

DeletePolicyAdminAction - allow delete policy permission.

DeleteUserAdminAction - allow deleting MinIO user.

Deny - deny effect.

DescribeBatchJobAction allow getting batch job YAML.

DisableGroupAdminAction - allow disable group permission.

DisableUserAdminAction - allow disable user permission.

EnableGroupAdminAction - allow enable group permission.

EnableUserAdminAction - allow enable user permission.

ExportBucketMetadataAction - allow exporting bucket metadata.

ExportIAMAction - allow exporting of all IAM info.

ForceDeleteBucketAction - DeleteBucket Rest API action when x-minio-force-delete flag is specified.

ForceUnlockAdminAction - allow force unlocking locks.

GetBucketEncryptionAction - GetBucketEncryption REST API action.

GetBucketLifecycleAction - GetBucketLifecycle Rest API action.

GetBucketLocationAction - GetBucketLocation Rest API action.

GetBucketNotificationAction - GetBucketNotification Rest API action.

GetBucketObjectLockConfigurationAction - GetBucketObjectLockConfiguration Rest API action.

GetBucketPolicyAction - GetBucketPolicy Rest API action.

GetBucketPolicyStatusAction - Retrieves the policy status for a bucket.

GetBucketQuotaAdminAction - allow getting bucket quota.

GetBucketTaggingAction - GetBucketTagging Rest API action.

GetBucketTargetAction - allow getting bucket targets.

GetBucketVersioningAction - GetBucketVersioning REST API action.

GetGroupAdminAction - allow getting group info.

GetObjectAction - GetObject Rest API action.

GetObjectAttributesAction - GetObjectVersionAttributes Rest API action.

GetObjectLegalHoldAction - GetObjectLegalHold, GetObject Rest API action.

GetObjectRetentionAction - GetObjectRetention, GetObject, HeadObject Rest API action.

GetObjectTaggingAction - Get Object Tags API action.

GetObjectVersionAction - GetObjectVersionAction Rest API action.

GetObjectVersionAttributesAction - GetObjectVersionAttributes Rest API action.

GetObjectVersionForReplicationAction - GetObjectVersionForReplication REST API action.

GetObjectVersionTaggingAction - GetObjectVersionTagging Rest API action.

GetPolicyAdminAction - allow get policy permission.

GetReplicationConfigurationAction - GetReplicationConfiguration REST API action.

GetUserAdminAction - allows GET permission on user info.

HeadBucketAction - HeadBucket Rest API action.

HealAdminAction - allows heal command.

HealthInfoAdminAction - allow obtaining cluster health information.

ImportBucketMetadataAction - allow importing bucket metadata.

ImportIAMAction - allow importing IAM info to MinIO.

InspectDataAction - allows downloading raw files from backend.

KMSAPIAction - allow getting a list of supported API endpoints.

KMSAssignPolicyAction - allow assigning an identity to a KMS policy.

KMSAuditLogAction - subscribes to the audit log.

KMSCreateKeyAction - allow creating a new KMS master key.

KMSCreateKeyAdminAction - allow creating a new KMS master key.

KMSDeleteIdentityAction - allow deleting a policy.

KMSDeleteKeyAction - allow deleting a KMS master key.

KMSDeletePolicyAction - allow deleting a policy.

KMSDescribeIdentityAction - allow getting KMS identity.

KMSDescribePolicyAction - allow getting KMS policy.

KMSDescribeSelfIdentityAction - allow getting self KMS identity.

KMSErrorLogAction - subscribes to the error log.

KMSGetPolicyAction - allow getting a policy.

KMSImportKeyAction - allow importing KMS key.

KMSKeyStatusAction - allow getting KMS key status.

KMSKeyStatusAdminAction - allow getting KMS key status.

KMSListIdentitiesAction - allow getting list of KMS identities.

KMSListKeysAction - allow getting list of KMS keys.

KMSListPoliciesAction - allow getting list of KMS policies.

KMSMetricsAction - allow getting server metrics in the Prometheus exposition format.

KMSSetPolicyAction - allow creating or updating a policy.

KMSStatusAction - allow getting KMS status.

KMSVersionAction - allow getting version information.

ListAllMyBucketsAction - ListAllMyBuckets (List buckets) Rest API action.

ListBatchJobsAction allow listing current active jobs.

ListBucketAction - ListBucket Rest API action.

ListBucketMultipartUploadsAction - ListMultipartUploads Rest API action.

ListBucketVersionsAction - ListBucketVersions Rest API action.

ListenBucketNotificationAction - ListenBucketNotification Rest API action.

ListenNotificationAction - ListenNotification Rest API action.

ListGroupsAdminAction - allow list groups permission.

ListMultipartUploadPartsAction - ListParts Rest API action.

ListServiceAccountsAdminAction - allow listing service accounts.

ListTemporaryAccountsAdminAction - allow listing of temporary accounts.

ListTierAction - allow listing remote tiers.

ListUserPoliciesAdminAction - allows listing user policies.

ListUsersAdminAction - allow list users permission.

Policy claim constants.

ProfilingAdminAction - allow profiling.

PrometheusAdminAction - prometheus info action.

PutBucketEncryptionAction - PutBucketEncryption REST API action.

PutBucketLifecycleAction - PutBucketLifecycle Rest API action.

PutBucketNotificationAction - PutObjectNotification Rest API action.

PutBucketObjectLockConfigurationAction - PutBucketObjectLockConfiguration Rest API action.

PutBucketPolicyAction - PutBucketPolicy Rest API action.

PutBucketTaggingAction - PutBucketTagging Rest API action.

PutBucketVersioningAction - PutBucketVersioning REST API action.

PutObjectAction - PutObject Rest API action.

PutObjectFanOutAction - PutObject like API action but allows PostUpload() fan-out.

PutObjectLegalHoldAction - PutObjectLegalHold, PutObject Rest API action.

PutObjectRetentionAction - PutObjectRetention Rest API action.

PutObjectTaggingAction - Put Object Tags API action.

PutObjectVersionTaggingAction - PutObjectVersionTagging Rest API action.

PutReplicationConfigurationAction - PutReplicationConfiguration REST API action.

RebalanceAdminAction - allows rebalancing of pools.

RemoveServiceAccountAdminAction - allow removing a service account.

RemoveUserFromGroupAdminAction - allow removing user to group permission.

ReplicateDeleteAction - ReplicateDelete REST API action.

ReplicateObjectAction - ReplicateObject REST API action.

ReplicateTagsAction - ReplicateTags REST API action.

ReplicationDiff - allow computing the unreplicated objects in a bucket.

ResetBucketReplicationStateAction - MinIO extension API ResetBucketReplicationState to reset replication state on a bucket.

ResourceARNPrefix - resource ARN prefix as per AWS S3 specification.

RestoreObjectAction - RestoreObject REST API action.

ServerInfoAdminAction - allow listing server info.

ServerUpdateAdminAction - allow MinIO binary update.

ServiceFreezeAdminAction - allow freeze/unfreeze MinIO service.

ServiceRestartAdminAction - allow restart of MinIO service.

ServiceStopAdminAction - allow stopping MinIO service.

Policy claim constants.

SetBucketQuotaAdminAction - allow setting bucket quota.

SetBucketTargetAction - allow setting bucket target.

SetTierAction - allow adding/editing a remote tier.

SiteReplicationAddAction - allow adding clusters for site-level replication.

SiteReplicationDisableAction - allow disabling a cluster from replication.

SiteReplicationInfoAction - allow getting site replication info.

SiteReplicationOperationAction - allow performing site replication create/update/delete operations to peers.

SiteReplicationRemoveAction - allow removing a cluster from replication.

SiteReplicationResyncAction - allow resyncing cluster data to another site.

StartBatchJobAction allow submitting a batch job.

StorageInfoAdminAction - allow listing server info.

TopLocksAdminAction - allow listing top locks.

TraceAdminAction - allow listing server trace.

UpdatePolicyAssociationAction - allows to add/remove policy association on a user or group.

UpdateServiceAccountAdminAction - allow updating a service account.

DefaultPolicies - list of canned policies available in MinIO.

IAMActionConditionKeyMap - holds mapping of supported condition key for an action.

Args - arguments to policy to check whether it is allowed.

BPStatement - policy statement.

BucketPolicy - bucket policy.

BucketPolicyArgs - arguments to policy to check whether it is allowed.

Error is the generic type for any error happening during policy parsing.

Policy - iam bucket iamp.

Principal - policy principal.

Resource - resource in policy statement.

Statement - iam policy statement.

Action - policy action.

ActionConditionKeyMap is alias for the map type used here.

ActionSet - set of actions.

AdminAction - admin policy action.

Effect - policy statement effect Allow or Deny.

ID - policy ID.

KMSAction - KMS policy action.

ResourceSet - set of resources in policy statement.

STSAction - STS policy action.