欢迎来到即将发布的 MinIO 文档版本! 此页面上的内容正在积极开发中 可能随时更改。 如果找不到您要找的内容,请查看我们的 历史文档。 感谢您的耐心等待。 我们期待您贡献自己强大的力量,帮助更多的中国技术开发者![翻译]

Group Management

Table of Contents

Overview

A group is a collection of users. Each group can have one or more assigned policies that explicitly list the actions and resources to which group members are allowed or denied access.

For example, consider the following groups. Each group is assigned a built-in policy or supported policy action. Each group also has one or more assigned users. Each user’s total set of permissions consists of their explicitly assigned permission and the inherited permissions from each of their assigned groups. MinIO by default denies access to any resource or operation not explicitly allowed by a user’s assigned or inherited policies.

Group

Policy

Members

Operations

readwrite on finance bucket
readonly on audit bucket

john.doe, jane.doe

Auditing

readonly on audit bucket

jen.doe, joe.doe

Admin

admin:*

greg.doe, jen.doe

Groups provide a simplified method for managing shared permissions among users with common access patterns and workloads. Client’s cannot authenticate to a MinIO deployment using a group as an identity.

The mc admin group command supports the creation and management of groups on the MinIO deployment. See the command reference for examples of usage.