Syntax Example The following command retrieves the JSON-formatted anonymous policy for the mydata bucket on the myaistor AIStor deployment: mc anonymous get-json myaistor/mydata Syntax The command has the following syntax:

The mc idp ldap add command creates an AD/LDAP IDP server configuration. AIStor supports multiple named LDAP configurations, allowing you to integrate with different directory services or organizational units. Syntax Example The following example sets the AD/LDAP configuration settings for the myaistor deployment using the default configuration name (_).

The mc idp openid accesskey info outputs information about the specified access key(s). This command works against access keys created by an OIDC user after authenticating to AIStor. Authenticated users can manage their own long-term Access Keys using the AIStor Console. AIStor supports using AssumeRoleWithWebIdentity to generate temporary access keys using the Security Token Service. Example and syntax Example The following example outputs details for the access key mykey from the myaistor deployment:

Lists the entities associated with a policy, user, or group on a target AIStor deployment. This command only returns minio-managed users and groups. To list entities associated with an Active Directory or LDAP (AD/LDAP) configuration, use mc idp ldap policy entities.

The mc cors set command sets the Cross-Origin Resource Sharing (CORS) configuration for a bucket from an XML file. CORS is a browser security mechanism that controls which web domains can access your object storage from client-side JavaScript. When a web application running on one domain attempts to access objects in AIStor from a different domain, the browser checks CORS policies to determine if the request should be allowed. See the Mozilla CORS documentation for more information.

The mc event ls command lists all event notification triggers for a bucket. The alias mc event list has equivalent functionality to mc event ls. Syntax EXAMPLE The following command lists all configured event notifications for the specified bucket notification target for the mydata bucket on the myaistor AIStor deployment:

The mc cors get command retrieves and displays the Cross-Origin Resource Sharing (CORS) configuration for a bucket in XML format. CORS is a browser security mechanism that controls which web domains can access your object storage from client-side JavaScript. When a web application running on one domain attempts to access objects in AIStor from a different domain, the browser checks CORS policies to determine if the request should be allowed. See the Mozilla CORS documentation for more information.

AIStor Server implements Erasure Coding as a core component in providing data redundancy and availability. The diagrams and content in this section present a simplified view of erasure coding operations and are not intended to represent the complexities of the AIStor Server’s full erasure coding implementation. AIStor groups drives in each server pool into one or more Erasure Sets of the same size.

AIStor Server publishes cluster and node metrics using the Prometheus Data Model. You can use any scraping tool to pull metrics data from AIStor Server for further analysis and alerting. This page covers metrics version 3, which has additional metrics and endpoints. Existing deployments can continue to use version 2 metrics. Version 3 endpoints The base endpoint, without an added path, returns cluster, node, and per-bucket statistic metrics from /cluster/usage/buckets.

AIStor uses Policy-Based Access Control (PBAC) to define the authorized actions and resources to which an authenticated user has access. Each policy describes one or more actions and conditions that outline the permissions of a user or group of users. AIStor PBAC is built for compatibility with AWS IAM policy syntax, structure, and behavior. This documentation makes a best-effort to cover IAM-specific behavior and functionality. Refer also to the AWS IAM documentation for more information.