mc
mc copied to clipboard
minio
Null policy condition causes 'unable to list policies of target'
Expected behaviour
Lists the policy
Actual behaviour
mc: <ERROR> Unable to list policies of target `minio/bucketname`. ReadString: expects " or n, but found [, error found in #1 byte of ...|[true]|..., bigger context ...|[true]|...
(1) policy-main.go:243 cmd.runPolicyListCmd(..) Tags: [minio/bucketname]
(0) client-s3.go:1283 cmd.(*S3Client).GetAccessRules(..)
Release-Tag:RELEASE.2021-07-27T06-46-19Z | Commit:addaf66de8af | Host:73a7f9273e14 | OS:linux | Arch:amd64 | Lang:go1.16.6 | Mem:3.2 MB/75 MB | Heap:3.2 MB/67 MB.
ERROR: 1
Steps to reproduce the behaviour
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::bucketname/*",
"Condition": {
"Null": {
"s3:x-amz-server-side-encryption": "true"
}
}
}
]
}
mc policy set-json above.json minio/bucketname # succeeds
mc policy list minio/bucketname
StringNotEquals (& "AES256" instead of "true") works - in that it does list bucketname/* => none, I don't know if that's correct, but it doesn't error. It doesn't have the behaviour I expect though; so I found the above error in the course of trying to debug that.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
This is due to limitations in policy condition handling in minio-go/v7
This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.