Minio User Init Docker Image

This image is used to initialize a user and a bucket in Minio. This project is very helpful when you need to automatically provision users in a new MinIO instance, similar to how you would initialize a database with MySQL, PostgreSQL, etc.

It's based off the official Minio "mc" image with some modifications to make it more flexible and configurable.

Docker Image	Size
serversideup/minio-user-init

Features

• Automatic user creation and policy assignment in MinIO
• Dynamic policy generation based on bucket and object permissions
• Customizable configuration via environment variables
• Support for existing user detection
• Debug mode for troubleshooting
• Native Docker health checks to ensure everything is working

Works great for orchestrated deployments

We designed this image to work great in orchestrated deployments like Kubernetes, Docker Swarm, or even in Github Actions. Look how simple the syntax is:

  minio-user-init:
    image: serversideup/minio-user-init:latest
    environment:
      MINIO_ADMIN_USER: "${MINIO_ADMIN_USER}"
      MINIO_ADMIN_PASSWORD: "${MINIO_ADMIN_PASSWORD}"
      MINIO_ALIAS: "myminio"
      MINIO_HOST: "https://minio.example.com:9000"
      MINIO_USER_ACCESS_KEY: "myaccesskey"
      MINIO_USER_SECRET_KEY: "mysecretkey"
      MINIO_USER_BUCKET: "mybucket"
      MINIO_USER_BUCKET_PERMISSIONS: "s3:ListBucket,s3:GetBucketLocation"
      MINIO_USER_OBJECT_PERMISSIONS: "s3:PutObject,s3:GetObject"

Environment Variables

The following environment variables can be used to customize the MinIO user initialization:

Variable	Description	Default
MINIO_ADMIN_USER	Admin username for MinIO. If you're deploying a new instance, it will likely be the same as your MINIO_ROOT_USER when you first deployed MinIO.	⚠️ Required
MINIO_ADMIN_PASSWORD	Admin password for MinIO. If you're deploying a new instance, it will likely be the same as your MINIO_ROOT_PASSWORD when you first deployed MinIO.	⚠️ Required
MINIO_HOST	MinIO server URL	⚠️ Required
MINIO_USER_ACCESS_KEY	The access key that uniquely identifies the new user, similar to a username.	⚠️ Required
MINIO_USER_SECRET_KEY	Secret key for the new user. This key should be unique, greater than 12 characters, and a complex mixture of characters, numerals, and symbols.	⚠️ Required
MINIO_USER_BUCKET	Name of the bucket to create	⚠️ Required
MINIO_ALIAS	Alias for the MinIO server	minio
MINIO_USER_BUCKET_PERMISSIONS	Comma-separated list of bucket permissions	s3:ListBucket,s3:GetBucketLocation,s3:ListBucketMultipartUploads
MINIO_USER_OBJECT_PERMISSIONS	Comma-separated list of object permissions	s3:PutObject,s3:GetObject,s3:DeleteObject,s3:ListMultipartUploadParts,s3:AbortMultipartUpload
MINIO_POLICY_PATH	Path to the policy file. This file will be created if it doesn't exist or you can provide your own JSON by mounting to the /policies directory.	/policies/readwrite-bucket-${MINIO_USER_BUCKET}.json
MINIO_POLICY_NAME	Name of the policy you want to create/update/overwrite in MinIO. If you don't provide this, we just use the file name of your policy (without the .json).	basename "$MINIO_POLICY_PATH" .json (and trimmed of any special characters)
DEBUG	Enable debug mode	false
SLEEP	Keep container running after initialization	true

Default Permissions

This policy provides the following permissions:

• Bucket Level: Ability to list the bucket contents and get its location
• Object Level: Ability to upload and download objects

You can customize these permissions by setting the MINIO_USER_BUCKET_PERMISSIONS and MINIO_USER_OBJECT_PERMISSIONS environment variables.

By default, we create a policy that looks like this:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation",
        "s3:ListBucketMultipartUploads"
      ],
      "Resource": [
        "arn:aws:s3:::${MINIO_USER_BUCKET}"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject",
        "s3:ListMultipartUploadParts",
        "s3:AbortMultipartUpload"
      ],
      "Resource": [
        "arn:aws:s3:::${MINIO_USER_BUCKET}/*"
      ]
    }
  ]
}

Usage

1. Pull the Docker image:

   docker pull serversideup/minio-user-init:latest

2. Run the container with the required environment variables:

   docker run --rm \
    -e MINIO_ADMIN_USER="admin" \
    -e MINIO_ADMIN_PASSWORD="adminpassword" \
    -e MINIO_HOST="http://minio:9000" \
    -e MINIO_USER_ACCESS_KEY="myaccesskey" \
    -e MINIO_USER_SECRET_KEY="mysecretkey" \
    -e MINIO_USER_BUCKET="mybucket" \
   serversideup/minio-user-init:latest

Resources

• Discord for friendly support from the community and the team.
• GitHub for source code, bug reports, and project management.
• Get Professional Help - Get video + screen-sharing help directly from the core contributors.

Contributing

As an open-source project, we strive for transparency and collaboration in our development process. We greatly appreciate any contributions members of our community can provide. Whether you're fixing bugs, proposing features, improving documentation, or spreading awareness - your involvement strengthens the project.

• Bug Report: If you're experiencing an issue while using these images, please create an issue.
• Security Report: Report critical security issues via our responsible disclosure policy.

Need help getting started? Join our Discord community and we'll help you out!

Our Sponsors

All of our software is free an open to the world. None of this can be brought to you without the financial backing of our sponsors.

Black Level Sponsors

Bronze Sponsors

No bronze sponsors yet. Become a sponsor →

Individual Supporters

      

About Us

We're Dan and Jay - a two person team with a passion for open source products. We created Server Side Up to help share what we learn.

Dan Pastori	Jay Rogers

Find us at:

• 📖 Blog - Get the latest guides and free courses on all things web/mobile development.
• 🙋 Community - Get friendly help from our community members.
• 🤵‍♂️ Get Professional Help - Get video + screen-sharing support from the core contributors.
• 💻 GitHub - Check out our other open source projects.
• 📫 Newsletter - Skip the algorithms and get quality content right to your inbox.
• 🐥 Twitter - You can also follow Dan and Jay.
• ❤️ Sponsor Us - Please consider sponsoring us so we can create more helpful resources.

Our products

If you appreciate this project, be sure to check out our other projects.

📚 Books

• The Ultimate Guide to Building APIs & SPAs: Build web & mobile apps from the same codebase.
• Building Multi-Platform Browser Extensions: Ship extensions to all browsers from the same codebase.

🛠️ Software-as-a-Service

• Bugflow: Get visual bug reports directly in GitHub, GitLab, and more.
• SelfHost Pro: Connect Stripe or Lemonsqueezy to a private docker registry for self-hosted apps.

🌍 Open Source

• AmplitudeJS: Open-source HTML5 & JavaScript Web Audio Library.
• Spin: Laravel Sail alternative for running Docker from development → production.
• Financial Freedom: Open source alternative to Mint, YNAB, & Monarch Money.