1 files changed, 70 insertions, 0 deletions

diff --git a/op_guide/backup_minio/README.md b/op_guide/backup_minio/README.md
new file mode 100644
index 0000000..9e1fb62
--- /dev/null
+++ b/op_guide/backup_minio/README.md
@@ -0,0 +1,70 @@
+Add the admin account as `deuxfleurs` to your `~/.mc/config` file
+
+You need to choose some names/identifiers:
+
+```bash
+export BUCKET_NAME=example
+export NEW_ACCESS_KEY_ID=hello
+
+export NEW_SECRET_ACCESS_KEY=$(openssl rand -base64 60)
+export POLICY_NAME="policy-$BUCKET_NAME"
+```
+
+Create a new bucket:
+
+```bash
+mc mb deuxfleurs/$BUCKET_NAME
+```
+
+Create a new user:
+
+```bash
+mc admin user add deuxfleurs $NEW_ACCESS_KEY_ID $NEW_SECRET_ACCESS_KEY
+```
+
+Add this new user to your `~/.mc/config.json` file
+
+---
+
+Create a policy for this bucket and save it as json:
+
+```bash
+cat > /tmp/policy.json <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "s3:ListBucket"
+            ],
+            "Resource": [
+                "arn:aws:s3:::${BUCKET_NAME}"
+            ]
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "s3:*"
+            ],
+            "Resource": [
+                "arn:aws:s3:::${BUCKET_NAME}/*"
+            ]
+        }
+    ]
+}
+```
+
+Register it:
+
+```bash
+mc admin policy add deuxfleurs $POLICY_NAME /tmp/policy.json
+```
+
+Set it to your user:
+
+```bash
+mc admin policy set deuxfleurs $POLICY_NAME user=${NEW_ACCESS_KEY_ID}
+```
+
+