1 files changed, 77 insertions, 0 deletions

diff --git a/weed/credential/memory/memory_policy.go b/weed/credential/memory/memory_policy.go
new file mode 100644
index 000000000..1c9268958
--- /dev/null
+++ b/weed/credential/memory/memory_policy.go
@@ -0,0 +1,77 @@
+package memory
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/seaweedfs/seaweedfs/weed/credential"
+)
+
+// GetPolicies retrieves all IAM policies from memory
+func (store *MemoryStore) GetPolicies(ctx context.Context) (map[string]credential.PolicyDocument, error) {
+	store.mu.RLock()
+	defer store.mu.RUnlock()
+
+	if !store.initialized {
+		return nil, fmt.Errorf("store not initialized")
+	}
+
+	// Create a copy of the policies map to avoid mutation issues
+	policies := make(map[string]credential.PolicyDocument)
+	for name, doc := range store.policies {
+		policies[name] = doc
+	}
+
+	return policies, nil
+}
+
+// GetPolicy retrieves a specific IAM policy by name from memory
+func (store *MemoryStore) GetPolicy(ctx context.Context, name string) (*credential.PolicyDocument, error) {
+	store.mu.RLock()
+	defer store.mu.RUnlock()
+
+	if policy, exists := store.policies[name]; exists {
+		return &policy, nil
+	}
+
+	return nil, nil // Policy not found
+}
+
+// CreatePolicy creates a new IAM policy in memory
+func (store *MemoryStore) CreatePolicy(ctx context.Context, name string, document credential.PolicyDocument) error {
+	store.mu.Lock()
+	defer store.mu.Unlock()
+
+	if !store.initialized {
+		return fmt.Errorf("store not initialized")
+	}
+
+	store.policies[name] = document
+	return nil
+}
+
+// UpdatePolicy updates an existing IAM policy in memory
+func (store *MemoryStore) UpdatePolicy(ctx context.Context, name string, document credential.PolicyDocument) error {
+	store.mu.Lock()
+	defer store.mu.Unlock()
+
+	if !store.initialized {
+		return fmt.Errorf("store not initialized")
+	}
+
+	store.policies[name] = document
+	return nil
+}
+
+// DeletePolicy deletes an IAM policy from memory
+func (store *MemoryStore) DeletePolicy(ctx context.Context, name string) error {
+	store.mu.Lock()
+	defer store.mu.Unlock()
+
+	if !store.initialized {
+		return fmt.Errorf("store not initialized")
+	}
+
+	delete(store.policies, name)
+	return nil
+}