--- minio_root_access_key: minio_root_secret_key: minio_root_alias: minio_ansible_root minio_url: https://s3.mgrote.net minio_config_dir: /etc/minio minio_client_release: "" minio_client_bin: /usr/local/bin/mc minio_print_keys: true # zeige secret in playbook # --dp ausschreiben minio_users: - name: testuser5 secret: hallowelt policies: - testbucket1_rw - name: testuser6 secret: hallowelt2 policies: - testbucket3_ro minio_buckets: - name: testbucket1 - name: testbucket3 minio_policies: - name: testbucket1_rw policy: | { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": [ "*" ] }, "Action": [ "s3:GetBucketLocation", "s3:ListBucket", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::testbucket1" ] }, { "Effect": "Allow", "Principal": { "AWS": [ "*" ] }, "Action": [ "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:ListMultipartUploadParts", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::testbucket1/*" ] } ] } - name: testbucket3_ro policy: | { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": [ "*" ] }, "Action": [ "s3:GetBucketLocation", "s3:ListBucket", "s3:ListBucketMultipartUploads" ], "Resource": [ "arn:aws:s3:::testbucket3" ] }, { "Effect": "Allow", "Principal": { "AWS": [ "*" ] }, "Action": [ "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject", "s3:ListMultipartUploadParts", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::testbucket3/*" ] } ] }