From 94157f4bb3c1e8e1c55304f30bf27c3f4c5b9964 Mon Sep 17 00:00:00 2001
From: Chris Lu <chris.lu@gmail.com>
Date: Sun, 25 Jan 2026 00:48:11 -0800
Subject: [PATCH] Add IAM gRPC service definition

- Add GetConfiguration/PutConfiguration for config management
- Add CreateUser/GetUser/UpdateUser/DeleteUser/ListUsers for user management
- Add CreateAccessKey/DeleteAccessKey/GetUserByAccessKey for access key management
- Methods mirror existing IAM HTTP API functionality
---
 weed/pb/iam.proto | 98 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 98 insertions(+)

diff --git a/weed/pb/iam.proto b/weed/pb/iam.proto
index d485ce011..41334e531 100644
--- a/weed/pb/iam.proto
+++ b/weed/pb/iam.proto
@@ -9,7 +9,105 @@ option java_outer_classname = "IamProto";
 //////////////////////////////////////////////////
 
 service SeaweedIdentityAccessManagement {
+    // Configuration Management
+    rpc GetConfiguration (GetConfigurationRequest) returns (GetConfigurationResponse);
+    rpc PutConfiguration (PutConfigurationRequest) returns (PutConfigurationResponse);
+    
+    // User Management
+    rpc CreateUser (CreateUserRequest) returns (CreateUserResponse);
+    rpc GetUser (GetUserRequest) returns (GetUserResponse);
+    rpc UpdateUser (UpdateUserRequest) returns (UpdateUserResponse);
+    rpc DeleteUser (DeleteUserRequest) returns (DeleteUserResponse);
+    rpc ListUsers (ListUsersRequest) returns (ListUsersResponse);
+    
+    // Access Key Management
+    rpc CreateAccessKey (CreateAccessKeyRequest) returns (CreateAccessKeyResponse);
+    rpc DeleteAccessKey (DeleteAccessKeyRequest) returns (DeleteAccessKeyResponse);
+    rpc GetUserByAccessKey (GetUserByAccessKeyRequest) returns (GetUserByAccessKeyResponse);
+}
+
+//////////////////////////////////////////////////
+// Configuration Management Messages
+
+message GetConfigurationRequest {
+}
+
+message GetConfigurationResponse {
+    S3ApiConfiguration configuration = 1;
+}
+
+message PutConfigurationRequest {
+    S3ApiConfiguration configuration = 1;
+}
+
+message PutConfigurationResponse {
+}
+
+//////////////////////////////////////////////////
+// User Management Messages
+
+message CreateUserRequest {
+    Identity identity = 1;
+}
+
+message CreateUserResponse {
+}
+
+message GetUserRequest {
+    string username = 1;
+}
+
+message GetUserResponse {
+    Identity identity = 1;
+}
+
+message UpdateUserRequest {
+    string username = 1;
+    Identity identity = 2;
+}
+
+message UpdateUserResponse {
+}
+
+message DeleteUserRequest {
+    string username = 1;
+}
+
+message DeleteUserResponse {
+}
+
+message ListUsersRequest {
+}
+
+message ListUsersResponse {
+    repeated string usernames = 1;
+}
+
+//////////////////////////////////////////////////
+// Access Key Management Messages
+
+message CreateAccessKeyRequest {
+    string username = 1;
+    Credential credential = 2;
+}
+
+message CreateAccessKeyResponse {
+}
+
+message DeleteAccessKeyRequest {
+    string username = 1;
+    string access_key = 2;
+}
+
+message DeleteAccessKeyResponse {
+}
+
+message GetUserByAccessKeyRequest {
+    string access_key = 1;
+}
 
+message GetUserByAccessKeyResponse {
+    Identity identity = 1;
 }
 
 //////////////////////////////////////////////////