MinIO supports multiple long term users in addition to default user created during server startup. New users have to added using the CLI tool. You can read the full docs here.

- Install Minio CLI tool

- Configure CLI tool to point to your minio installation
mc alias set myminio https://minio.domain.com minioadmin minioadmin --api s3v4

- Create a policy file
cat > getonly.json << EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::my-bucketname/*"
      ],
      "Sid": ""
    }
  ]
}
EOF

- Add the policy
mc admin policy add myminio getonly getonly.json

- Add new user
mc admin user add myminio newuser password123

- Set policy on user
mc admin policy set myminio getonly user=newuser