computer-playbook/policy.json.j2 at c3e5db7f2ea263b01d0c86e98fcc57c8fc1676fe - computer-playbook - Version Control by Veen.World

kevinveenbirkenbach/computer-playbook

mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 18:29:21 +00:00

Files

Kevin Veen-Birkenbach 75c36a1d71 web-app-minio: manage OIDC policy via containerized mc and fix policy JSON

- Use dockerized mc with MC_HOST_minio (stateless), no temp files/dirs
- Create only RAW policy name with slash to match Keycloak claim
- Split policy: s3:* on S3 ARNs; admin:* on Resource "*"
- Add mc vars (image, MC_HOST components) to vars/main.yml
- Remove unused Ollama dependency block from tasks

Refs: ChatGPT conversation → https://chatgpt.com/share/68d1eab9-a35c-800f-aa81-76fb2101bd93

2025-09-23 02:33:35 +02:00

19 lines

287 B

Django/Jinja

Raw Blame History

 {
   "Version": "2012-10-17",
   "Statement": [
     {
       "Effect": "Allow",
       "Action": ["s3:*"],
       "Resource": [
         "arn:aws:s3:::*",
         "arn:aws:s3:::*/*"
       ]
     },
     {
       "Effect": "Allow",
       "Action": ["admin:*"],
       "Resource": ["*"]
     }
   ]
 }