客户端配置
# 配置别名(连接远程MinIO服务器)
mc alias set myminio http://localhost:9000 ACCESS_KEY SECRET_KEY
# 示例:
mc alias set myminio http://127.0.0.1:9000 username password
# 列出所有配置的别名
mc alias list
存储桶操作
# 创建存储桶
mc mb myminio/mybucket
# 列出所有存储桶
mc ls myminio
# 删除空存储桶
mc rb myminio/mybucket
# 强制删除非空存储桶
mc rb --force myminio/mybucket
对象操作
# 上传文件
mc cp localfile.txt myminio/mybucket/
# 下载文件
mc cp myminio/mybucket/remotefile.txt .
# 列出存储桶内容
mc ls myminio/mybucket
# 删除对象
mc rm myminio/mybucket/file.txt
# 递归删除目录
mc rm --recursive myminio/mybucket/mydir
策略管理
# 设置存储桶为公开可读
mc anonymous set download myminio/mybucket
# 设置存储桶为私有
mc anonymous set none myminio/mybucket
# 添加用户
mc admin user add myminio newuser newpassword
# 设置用户策略
mc admin policy set myminio readwrite user=newuser
监控与维护
# 查看服务器信息
mc admin info myminio
# 查看服务健康状态
mc admin heal myminio
# 查看存储桶使用情况
mc du myminio/mybucket
高级功能
# 设置对象保留策略
mc retention set --default GOVERNANCE 30d myminio/mybucket
# 设置对象锁定(合规模式)
mc retention set --default COMPLIANCE 30d myminio/mybucket
# 启用版本控制
mc version enable myminio/mybucket
# 列出对象版本
mc ls --versions myminio/mybucket
管理用户
mc admin user
# 创建用户
mc admin user add <alias> <username> <password>
# 示例:创建名为reports的用户
mc admin user add myminio reports user123456
# 列出所有用户
mc admin user list <alias>
# 示例:列出myminio的所有用户
mc admin user list myminio
# 查看用户信息
mc admin user info <alias> <username>
# 示例:查看reports用户信息
mc admin user info myminio reports
# 禁用用户
mc admin user disable <alias> <username>
# 示例:禁用reports用户
mc admin user disable myminio reports
# 启用用户
mc admin user enable <alias> <username>
# 示例:重新启用reports用户
mc admin user enable myminio reports
# 删除用户
mc admin user remove <alias> <username>
# 示例:删除reports用户
mc admin user remove myminio reports
用户策略管理
# 为用户分配策略
mc admin policy attach <alias> <policy-name> --user=<username>
# 示例:为reports用户分配readonly策略
mc admin policy attach myminio readonly --user=reports
# 查看用户当前策略
mc admin policy info <alias> --user=<username>
# 示例:查看reports用户的策略
mc admin policy info myminio --user=reports
# 解除用户策略
mc admin policy detach <alias> <policy-name> --user=<username>
# 示例:移除reports用户的readonly策略
mc admin policy detach myminio readonly --user=reports
用户密钥管理
# 修改用户密码
mc admin user update <alias> <username> <new-password>
# 示例:修改reports用户密码
mc admin user update myminio reports newpassword123
# 生成临时访问密钥
mc admin user svcacct add <alias> <username>
# 示例:为reports用户创建服务账户
mc admin user svcacct add myminio reports
高级用户配置
# 创建带策略的新用户(一步完成)
mc admin user add <alias> <username> <password> --policy-name=<policy>
# 示例:创建带writeonly策略的用户
mc admin user add myminio uploader upload123 --policy-name=writeonly
# 设置用户描述信息
mc admin user update <alias> <username> --description="User description"
# 示例:设置用户描述
mc admin user update myminio reports --description="Monthly reports generator"
用户管理实际使用案例
# 1. 创建管理员用户
mc admin user add myminio admin admin123
mc admin policy attach myminio consoleAdmin --user=admin
# 2. 创建只读用户
mc admin user add myminio viewer view123
mc admin policy attach myminio readonly --user=viewer
# 3. 创建特定存储桶权限用户
# 先创建自定义策略文件bucket-policy.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:GetObject"],
"Resource": ["arn:aws:s3:::reports-bucket/*"]
}
]
}
# 添加策略
mc admin policy create myminio reports-reader bucket-policy.json
# 创建用户并附加策略
mc admin user add myminio report-reader reader123
mc admin policy attach myminio reports-reader --user=report-reader
配置同步
mc mirror -w old new
评论 (0)