52 lines
1.1 KiB
Bash
52 lines
1.1 KiB
Bash
#!/bin/bash
|
|
|
|
USERNAME=$1
|
|
PASSWORD=$2
|
|
TARGET="objects"
|
|
|
|
# Create new prolicy
|
|
cat > ./policy.json << EOF
|
|
{
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Action": [
|
|
"s3:PutBucketPolicy",
|
|
"s3:GetBucketPolicy",
|
|
"s3:DeleteBucketPolicy",
|
|
"s3:ListAllMyBuckets",
|
|
"s3:ListBucket"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"arn:aws:s3:::$USERNAME"
|
|
],
|
|
"Sid": ""
|
|
},
|
|
{
|
|
"Action": [
|
|
"s3:AbortMultipartUpload",
|
|
"s3:DeleteObject",
|
|
"s3:GetObject",
|
|
"s3:ListMultipartUploadParts",
|
|
"s3:PutObject"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"arn:aws:s3:::$USERNAME/*"
|
|
],
|
|
"Sid": ""
|
|
}
|
|
]
|
|
}
|
|
EOF
|
|
|
|
# Add new user if not exist
|
|
if ! mc admin user info "$TARGET" "$USERNAME" > /dev/null 2>&1 ; then
|
|
mc admin user add "$TARGET" "$USERNAME" "$PASSWORD"
|
|
mc mb "$TARGET/$USERNAME"
|
|
fi
|
|
|
|
# Set new policy to new user
|
|
mc admin policy add "$TARGET" "user-$USERNAME" policy.json
|
|
mc admin policy set "$TARGET" "user-$USERNAME" "user=$USERNAME" |