wget https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x mc
./mc --help
# mc config host add <ALIAS> <YOUR-S3-ENDPOINT> <YOUR-ACCESS-KEY> <YOUR-SECRET-KEY> [--api API-SIGNATURE]
# ./mc config host add minio http://192.168.20.102:9000 minioadmin minioadmin --api s3v4
Added `minio` successfully.
# cat ~/.mc/config.json
"version": "10",
"aliases": {
"minio": {
"url": "http://192.168.20.102:9000",
"accessKey": "minioadmin",
"secretKey": "minioadmin",
"api": "s3v4",
"path": "auto"
"gcs": {
"url": "https://storage.googleapis.com",
"accessKey": "YOUR-ACCESS-KEY-HERE",
"secretKey": "YOUR-SECRET-KEY-HERE",
"api": "S3v2",
"path": "dns"
"local": {
"url": "http://localhost:9000",
"accessKey": "",
"secretKey": "",
"api": "S3v4",
"path": "auto"
"play": {
"url": "https://play.min.io",
"accessKey": "Q3AM3UQ867SPQQA43P2F",
"secretKey": "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG",
"api": "S3v4",
"path": "auto"
"s3": {
"url": "https://s3.amazonaws.com",
"accessKey": "YOUR-ACCESS-KEY-HERE",
"secretKey": "YOUR-SECRET-KEY-HERE",
"api": "S3v4",
"path": "dns"
# 查询所有的存储桶
# /usr/local/minio/bin/mc ls minio
[2022-03-10 17:53:49 CST] 0B test/
policy命令 - 管理存储桶策略
通过 mc policy 命令 获取 policy 相关的所有命令
/usr/local/minio/bin/mc policy
Name:
mc policy - manage anonymous access to buckets and objects
USAGE:
mc policy [FLAGS] set PERMISSION TARGET
mc policy [FLAGS] set-json FILE TARGET
mc policy [FLAGS] get TARGET
mc policy [FLAGS] get-json TARGET
mc policy [FLAGS] list TARGET
FLAGS:
--recursive, -r list recursively
--config-dir value, -C value path to configuration folder (default: "/root/.mc")
--quiet, -q disable progress bar display
--no-color disable color theme
--json enable JSON lines formatted output
--debug enable debug output
--insecure disable SSL certificate verification
--help, -h show help
PERMISSION:
Allowed policies are: [none, download, upload, public].
FILE:
A valid S3 policy JSON filepath.
EXAMPLES:
Set bucket to "download" on Amazon S3 cloud storage.
$ mc policy set download s3/burningman2011
Set bucket to "public" on Amazon S3 cloud storage.
$ mc policy set public s3/shared
Set bucket to "upload" on Amazon S3 cloud storage.
$ mc policy set upload s3/incoming
Set policy to "public" for bucket with prefix on Amazon S3 cloud storage.
$ mc policy set public s3/public-commons/images
Set a custom prefix based bucket policy on Amazon S3 cloud storage using a JSON file.
$ mc policy set-json /path/to/policy.json s3/public-commons/images
Get bucket permissions.
$ mc policy get s3/shared
Get bucket permissions in JSON format.
$ mc policy get-json s3/shared
List policies set to a specified bucket.
$ mc policy list s3/shared
List public object URLs recursively.
$ mc policy --recursive links s3/shared/
查看存储桶或路径策略
/usr/local/minio/bin/mc policy get minio/test
Access permission for minio/test is public
设置存储桶或路径策略为 download
download 后面 跟存储桶或路径
/usr/local/minio/bin/mc policy set download minio/test
Access permission for minio/test is set to download
/usr/local/minio/bin/mc policy get minio/test
Access permission for minio/test is download
!!!注意: 这里强烈建议设置路径的策略为 download 这样 所属存储桶的策略就变为了 custom 如果直接将 bucket 设置为 download 那么就可以进入到minio客户端,虽然只能看到 设置了相应策略的 bocket ,但是匿名者可以在其中随意的创建与删除文件!
policy命令 - 管理存储桶策略
官方文档地址:http://docs.minio.org.cn/docs/master/minio-client-complete-guide
管理匿名访问存储桶和其内部内容的策略。
mc policy [FLAGS] PERMISSION TARGET
mc policy [FLAGS] TARGET
mc policy list [FLAGS] TARGET
PERMISSION:
Allowed policies are: [none, download, upload, public].
FLAGS:
--help, -h 显示帮助。
示例: 显示当前匿名存储桶策略
# 显示当前mybucket/myphotos/2020/子文件夹的匿名策略。
mc policy play/mybucket/myphotos/2020/
Access permission for 'play/mybucket/myphotos/2020/' is 'none'
示例:设置可下载的匿名存储桶策略。
# 设置mybucket/myphotos/2020/子文件夹可匿名下载的策略。现在,这个文件夹下的对象可被公开访问。比如:mybucket/myphotos/2020/yourobjectname可通过这个URL https://play.min.io/mybucket/myphotos/2020/yourobjectname访问。
mc policy set download play/mybucket/myphotos/2020/
Access permission for 'play/mybucket/myphotos/2020/' is set to 'download'
示例:删除当前的匿名存储桶策略
# 删除所有mybucket/myphotos/2020/这个子文件夹下的匿名存储桶策略。
mc policy set none play/mybucket/myphotos/2020/
Access permission for 'play/mybucket/myphotos/2020/' is set to 'none'
当前存储桶策略策略是private,无法访问图片,但是进行如下设置后,就可以访问图片 (图片不用分享也能访问)
此时再查看当前存储桶策略策略,不是private了,而是custom
"Version": "2012-10-17",
"Statement": [
"Effect": "Allow",
"Principal": {
"AWS": [
"Action": [
"s3:GetBucketLocation"
"Resource": [
"arn:aws:s3:::aaa"
"Effect": "Allow",
"Principal": {
"AWS": [
"Action": [
"s3:ListBucket"
"Resource": [
"arn:aws:s3:::aaa"
"Condition": {
"StringEquals": {
"s3:prefix": [
"Effect": "Allow",
"Principal": {
"AWS": [
"Action": [
"s3:GetObject"
"Resource": [
"arn:aws:s3:::aaa/**"
