From 4d4d5793bbaeb4805a6d76de3ac8361130aebdf1 Mon Sep 17 00:00:00 2001
From: Marcel
Date: Mon, 11 May 2026 14:11:46 +0200
Subject: [PATCH] docs(glossary): add archiv-app service account entry

`archiv-app` is the bucket-scoped MinIO service account introduced in PR #499 alongside the production deploy pipeline. Until now the term only appeared in `infra/minio/bootstrap.sh` and the prod compose file; a reader encountering `S3_ACCESS_KEY: archiv-app` had no single-page reference distinguishing it from the MinIO root account.

Adds a new "Infrastructure Terms" section to docs/GLOSSARY.md so the distinction (root account vs. application service account) and the attached `archiv-app-policy` scope live in the canonical glossary location. Cross-links to ADR-010 for the MinIO-stays-self-hosted rationale.

Addresses @elicit's round-2 recommendation on PR #499.

Co-Authored-By: Claude Opus 4.7
---
 docs/GLOSSARY.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docs/GLOSSARY.md b/docs/GLOSSARY.md
index f1c75053..55ffca93 100644
--- a/docs/GLOSSARY.md
+++ b/docs/GLOSSARY.md
@@ -107,6 +107,13 @@ _See also [Briefwechsel](#briefwechsel-user-facing)._ --- +## Infrastructure Terms + +**archiv-app** — the bucket-scoped MinIO service account the backend uses to read and write the `familienarchiv` bucket. Distinct from the MinIO root account (`archiv`, used only by the bootstrap container for admin operations). Defined and provisioned in [`infra/minio/bootstrap.sh`](../infra/minio/bootstrap.sh) and consumed by the backend as `S3_ACCESS_KEY` in [`docker-compose.prod.yml`](../docker-compose.prod.yml). The attached `archiv-app-policy` grants `s3:GetObject/PutObject/DeleteObject` on `familienarchiv/*` and `s3:ListBucket/GetBucketLocation` on the bucket only — not the built-in `readwrite` policy which would grant `s3:*` on all buckets. +_See also [ADR-010 — MinIO stays self-hosted, not Hetzner OBS](./adr/010-minio-self-hosted-not-hetzner-obs.md)._ + +--- + ## Pending Terms _Terms flagged as potentially ambiguous that have not yet been formally defined here. Add an entry above and remove it from this list when resolved._
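Review bot: the policy actions the new `archiv-app` entry spells out (`s3:GetObject/PutObject/DeleteObject` on `familienarchiv/*`, `s3:ListBucket/GetBucketLocation` on the bucket) restate what `infra/minio/bootstrap.sh` provisions, and nothing in the entry ties the two together, so the glossary will silently go stale the next time `archiv-app-policy` is tightened or widened; since the whole point of the entry is the root-account-vs-service-account scope distinction, add one sentence naming the policy definition in `bootstrap.sh` as the authoritative source and the check a reader can run against the live instance (for example `mc admin policy info <alias> archiv-app-policy`), so the prose reads as a summary rather than as the spec. Two smaller things in the same hunk: the entry says the backend consumes the account as `S3_ACCESS_KEY` in `docker-compose.prod.yml` but says nothing about where the paired secret is expected to come from, which is the first thing a reader who arrived here from the compose file will ask; and the stat is 7 insertions, 0 deletions, so if `archiv-app` was listed under "Pending Terms" (the section whose header is the trailing context of this hunk, and whose own instruction is to remove an entry once it has been defined above), this patch leaves it there.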