mc admin user add — MinIO Object Storage for Linux (original) (raw)

Table of Contents

• Syntax
  • Parameters
  • Global Flags
• Example
  • Create a New User
• Behavior
  • New Users Have No Default Policies
  • S3 Compatibility

Syntax

The mc admin user add command adds a new MinIO user to the target MinIO deployment.

To manage external Identity Provider users, see OIDC or AD/LDAP.

EXAMPLE

The following command creates a new user newuser on the myminio MinIO deployment:

mc admin user add myminio newuser newusersecret

SYNTAX

The command has the following syntax:

mc [GLOBALFLAGS] admin user add
ALIAS
ACCESSKEY
SECRETKEY

• Brackets [] indicate optional parameters.
• Parameters sharing a line are mutually dependent.
• Parameters separated using the pipe | operator are mutually exclusive.

Copy the example to a text editor and modify as-needed before running the command in the terminal/shell.

Parameters

ACCESSKEY

Required

The access key that uniquely identifies the new user, similar to a username.

ALIAS

Required

The alias of a configured MinIO deployment on which to create the new user.

SECRETKEY

Required

The secret key for the new user. Consider the following guidance when creating a secret key:

• The key should be unique
• The key should be long (Greater than 12 characters)
• The key should be complex (A mixture of characters, numerals, and symbols)

Global Flags

This command supports any of the global flags.

Example

Create a New User

Use mc admin user add to create a user on a MinIO deployment:

mc admin user add ALIAS ACCESSKEY SECRETKEY

• Replace ALIAS with the alias of the MinIO deployment.
• Replace ACCESSKEY with the access key for the user.
• Replace SECRETKEY with the secret key for the user. MinIO does not provide any method for retrieving the secret key once set.

Specify a unique, random, and long string for both the ACCESSKEY and SECRETKEY. Your organization may have specific internal or regulatory requirements around generating values for use with access or secret keys.

Behavior

New Users Have No Default Policies

Newly created users have no policies by default and therefore cannot perform any operations on the MinIO deployment. To configure a user’s assigned policies, you can do either or both of the following:

• Use mc admin policy attach to associate one or more policies to the user.
• Use mc admin group add to associate the user to the group. Users inherit any policies assigned to the group.

For more information on MinIO users and groups, see User Management and Group Management. For more information on MinIO policies, see MinIO Policy Based Access Control.

S3 Compatibility

The mc commandline tool is built for compatibility with the AWS S3 API and is tested with MinIO and AWS S3 for expected functionality and behavior.

MinIO provides no guarantees for other S3-compatible services, as their S3 API implementation is unknown and therefore unsupported. While mccommands may work as documented, any such usage is at your own risk.