[
](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html)
minio信息定义
private final String endpoint = "http://192.168.3.15:9000";private final String accessKey = "minioadmin";private final String accessSecret = "minioadmin";private final String bucket = "test";private final String policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"s3:GetObject\"],\"Resource\":[\"arn:aws:s3:::*\"]}]}";
sts token访问策略(policy)定义:
Action字段指的是策略生效的动作
Resource字指的是当前生效的资源
STS token获取
https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
AssumeRoleProvider assumeRoleProvider = new AssumeRoleProvider(endpoint, accessKey, accessSecret, 1000, policy, "", "", null, null, null);// 访问凭证获取io.minio.credentials.Credentials fetch = assumeRoleProvider.fetch();// 使用临时凭证上传文件File file = new File("/home/blue/屏幕截图 2021-10-28 110843.png");MinioClient minioClient = MinioClient.builder().endpoint(endpoint).credentialsProvider(assumeRoleProvider).build();InputStream fileInputStream = new FileInputStream(file);PutObjectArgs putObjectArgs = PutObjectArgs.builder().bucket(bucket).object("test_demo/aaa.png").region("us-east-1") // 必须加region参数,不加是会返回access deny错误.stream(fileInputStream, fileInputStream.available(), -1).build();ObjectWriteResponse objectWriteResponse = minioClient.putObject(putObjectArgs);System.out.println(objectWriteResponse);
临时访问地址获取
Method method = Method.GET;Map<String,String> headers = new HashMap<>();headers.put("contentType", ContentType.APPLICATION_OCTET_STREAM.getMimeType());MinioClient minioClient = MinioClient.builder().endpoint(endpoint).credentials(accessKey, accessSecret).build();GetPresignedObjectUrlArgs args = GetPresignedObjectUrlArgs.builder().method(method).expiry(10 * 60 * 1000, TimeUnit.MILLISECONDS).bucket(bucket).object(path) // bucket下资源的全路径地址.extraHeaders(headers).build();// 临时访问地址String url = minioClient.getPresignedObjectUrl(args);
若有收获,就点个赞吧
0 人点赞
