code --list-extensions | xargs -L 1 echo code --install-extension # Unix
code --list-extensions | % { "code --install-extension $_" } # Windows PowerShell
Bucket policy is an access policy available for you to grant anonymous permissions to your Minio resources. Bucket policy uses JSON-based access policy language.
This section presents a few examples of typical use cases for bucket policies. The policies use testbucket
strings in the resource value. To test these policies, you need to replace these strings with your bucket name. For more information please read Amazon S3 access policy language
The following example policy grants the s3:GetObject
permission to any public anonymous users. This permission allows anyone to read the object data under testbucket
, which is useful for when you have publicly readable assets. A typical example is a website assets stored in testbucket
.
Our goal is to save sensitive data in a MySQL database in a responsible way, and be able to read/write it programmatically in a PHP web application. Asymmetric encryption would be best, but is not practical here. Symmetric encryption with a strong algorithm and hard-to-guess cipher is acceptable, but not if we store the cipher in plain text on the same server where the database credentials also live in plain text!
This work-in-progress is subject to change if/when I come up with a better scheme, but for now, the plan is to:
- store the cipher as a vault secret;
- configure TLS authentication so that our PHP application can log in, and then
- create a token that allows its bearer to read the secret (our cipher);
- use a PHP component and our cipher to encrypt/decrypt our sensitive data.
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: sftp | |
--- | |
kind: Service | |
apiVersion: v1 | |
metadata: |
set -e | |
set -u | |
CERT_HOSTNAME=www.example.com | |
# create private CA key | |
openssl genrsa -out $CERT_HOSTNAME-CA.key 2048 | |
# create private CA certificate |
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: rook-ceph-system | |
--- | |
apiVersion: apiextensions.k8s.io/v1beta1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: cephclusters.ceph.rook.io | |
spec: |