[

](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html)
minio信息定义

  1. private final String endpoint = "http://192.168.3.15:9000";
  2. private final String accessKey = "minioadmin";
  3. private final String accessSecret = "minioadmin";
  4. private final String bucket = "test";
  5. private final String policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"s3:GetObject\"],\"Resource\":[\"arn:aws:s3:::*\"]}]}";

sts token访问策略(policy)定义
Action字段指的是策略生效的动作
Resource字指的是当前生效的资源

STS token获取

https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html

  1. AssumeRoleProvider assumeRoleProvider = new AssumeRoleProvider(endpoint, accessKey, accessSecret, 1000, policy, "", "", null, null, null);
  2. // 访问凭证获取
  3. io.minio.credentials.Credentials fetch = assumeRoleProvider.fetch();
  4. // 使用临时凭证上传文件
  5. File file = new File("/home/blue/屏幕截图 2021-10-28 110843.png");
  6. MinioClient minioClient = MinioClient.builder().endpoint(endpoint)
  7. .credentialsProvider(assumeRoleProvider)
  8. .build();
  9. InputStream fileInputStream = new FileInputStream(file);
  10. PutObjectArgs putObjectArgs = PutObjectArgs.builder()
  11. .bucket(bucket)
  12. .object("test_demo/aaa.png")
  13. .region("us-east-1") // 必须加region参数,不加是会返回access deny错误
  14. .stream(fileInputStream, fileInputStream.available(), -1)
  15. .build();
  16. ObjectWriteResponse objectWriteResponse = minioClient.putObject(putObjectArgs);
  17. System.out.println(objectWriteResponse);

临时访问地址获取

  1. Method method = Method.GET;
  2. Map<String,String> headers = new HashMap<>();
  3. headers.put("contentType", ContentType.APPLICATION_OCTET_STREAM.getMimeType());
  4. MinioClient minioClient = MinioClient.builder().endpoint(endpoint).credentials(accessKey, accessSecret).build();
  5. GetPresignedObjectUrlArgs args = GetPresignedObjectUrlArgs.builder()
  6. .method(method)
  7. .expiry(10 * 60 * 1000, TimeUnit.MILLISECONDS)
  8. .bucket(bucket)
  9. .object(path) // bucket下资源的全路径地址
  10. .extraHeaders(headers)
  11. .build();
  12. // 临时访问地址
  13. String url = minioClient.getPresignedObjectUrl(args);