I have deployed MinIO on my server and configured two URLs for access:
minio.example.com
- MinIO APIminio-admin.example.com
- MinIO Console (UI)
I have set policies for my buckets (readonly policy for /
path ) and everything works as expected for the MinIO API URL. However, when accessing the MinIO Console URL, I can see the entire structure of my buckets and all files without any authentication.
When accessing minio.example.com/browser/my-bucket
, I get the following error message (what I want to achieve for the second URL as well):
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied.</Message>
<Key>test</Key>
<BucketName>browser</BucketName>
<Resource>/browser/my-bucket</Resource>
<RequestId>17E051413F91E8A2</RequestId>
<HostId>dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8</HostId>
</Error>
However, when accessing minio-admin.example.com/browser/my-bucket
, I can see the complete list of all files in my bucket
Are there any ways to achieve this goal other than setting basic auth for the second URL?
I can set basic auth in my proxy, but I don't really like this option. Maybe there are other ways?