MinIO社区版文件预览失效？一招解决

一觉醒来天塌了

最新版本minio已经升级为社区版本,无法分享长期有效的预览文件url了~~~~

以下是针对 MinIO 最新版本中桶策略配置问题的解决方案，采用编程方式实现公开访问权限：

创建桶的时候 AWS SDK 配置桶策略

@Configuration
public class AmazonS3Config {
    @Resource
    private MinioProperties minioProperties;

    @Bean
    public AmazonS3 amazonS3Client() {
        ClientConfiguration config = new ClientConfiguration();
        config.setProtocol(Protocol.HTTP);
        config.setConnectionTimeout(5000);
        config.setUseExpectContinue(true);
        
        AWSCredentials credentials = new BasicAWSCredentials(
            minioProperties.getAccessKey(), 
            minioProperties.getAccessSecret()
        );

        AwsClientBuilder.EndpointConfiguration endpoint = new AwsClientBuilder.EndpointConfiguration(
            minioProperties.getEndpoint(), 
            Regions.US_EAST_1.name()
        );

        AmazonS3 amazonS3 = AmazonS3ClientBuilder.standard()
            .withClientConfiguration(config)
            .withCredentials(new AWSStaticCredentialsProvider(credentials))
            .withEndpointConfiguration(endpoint)
            .withPathStyleAccessEnabled(true)
            .build();

        setupPublicBucket(amazonS3);
        return amazonS3;
    }

    private void setupPublicBucket(AmazonS3 client) {
        String bucketName = minioProperties.getBucket();
        if (!client.doesBucketExistV2(bucketName)) {
            CreateBucketRequest request = new CreateBucketRequest(bucketName);
            request.withCannedAcl(CannedAccessControlList.PublicRead);
            client.createBucket(request);
            
            String policy = generateBucketPolicy(bucketName);
            client.setBucketPolicy(bucketName, policy);
        }
    }

    private String generateBucketPolicy(String bucketName) {
        return String.format("""
            {
                "Version":"2012-10-17",
                "Statement":[{
                    "Sid":"PublicRead",
                    "Effect":"Allow",
                    "Principal":"*",
                    "Action":["s3:GetObject"],
                    "Resource":"arn:aws:s3:::%s/*"
                }]
            }""", bucketName);
    }
}

属性配置类

@Data
@Component
@ConfigurationProperties(prefix = "minio")
public class MinioProperties {
    private String endpoint;
    private String accessKey;
    private String accessSecret;
    private String bucket;
    private String outEndpoint;
}

配置要点说明

确保application.yml或application.properties包含以下配置：

minio:
  endpoint: http://your-minio-server:9000
  access-key: YOUR_ACCESS_KEY
  access-secret: YOUR_SECRET_KEY
  bucket: your-bucket-name
  out-endpoint: http://public-access-url:9000

注意事项

• 策略中的Resource字段必须包含桶名称和通配符（arn:aws:s3:::bucket-name/*）
• 使用withPathStyleAccessEnabled(true)确保兼容MinIO的路径式访问
• 新版本MinIO推荐使用编程方式配置策略，而非手动修改
• 如果已存在桶，需要先删除旧策略再设置新策略

测试验证方法

上传文件后尝试通过以下URL格式直接访问：

http://your-minio-server:9000/bucket-name/object-key

或使用配置的outEndpoint作为公开访问地址。