# `minAvailable` or `maxUnavailable`. For example, to set the
  # minimum number of available replicas to 1, you can update this value as follows:
  #
  # podDisruptionBudget:
  #   minAvailable: 1
  #
  # Or, to allow a maximum of 1 unavailable replica, you can set:
  #
  # podDisruptionBudget:
  #   maxUnavailable: 1
  #

# This shows an example local config for ztunnel that adds a workload for localhost.
# This allows local testing by sending requests through the local ztunnel to other servers running on localhost.
workloads:
- uid: cluster1//v1/Pod/default/local
  name: local
  namespace: default
  serviceAccount: default
  workloadIps: ["127.0.0.1"]
  protocol: HBONE
  node: local
  network: ""
  services:
    "default/example.com":
      80: 8080

 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.maven;

import org.apache.maven.execution.MavenSession;

/**
 * Allows core extensions to participate in Maven build session lifecycle.
 *
 * All callback methods (will) follow beforeXXX/afterXXX naming pattern to
 * indicate at what lifecycle point it is being called.
 *

 * with desired access bits <tt>0x00000003</tt> (<tt>FILE_READ_DATA |
 * FILE_WRITE_DATA</tt>) and the target file has the following security
 * descriptor ACEs:
 * 
 * <pre>
 * Allow WNET\alice     0x001200A9  Direct
 * Allow Administrators 0x001F01FF  Inherited
 * Allow SYSTEM         0x001F01FF  Inherited
 * </pre>
 * 
 * the access check would fail because the direct ACE has an access mask
 * of <tt>0x001200A9</tt> which doesn't have the

```yaml
meshConfig:
  accessLogFile: /dev/stdout
```

#### Revisions

Control plane revisions allow deploying multiple versions of the control plane in the same cluster.
This allows safe [canary upgrades](https://istio.io/latest/docs/setup/upgrade/canary/)

```yaml
revision: my-revision-name

The field of `getObjectContext` means the input and output details for connections to MinIO. It has the following fields:

In another terminal, create a policy that allows root user all access and for all other users denies `PutObject`:

```sh
cat > example.rego <<EOF
package httpapi.authz

import input

default allow = false

# Allow the root user to perform any action.
allow {
 input.owner == true
}

# All other users may do anything other than call PutObject
allow {
 input.action != "s3:PutObject"
 input.owner == false

 * with desired access bits <tt>0x00000003</tt> (<tt>FILE_READ_DATA |
 * FILE_WRITE_DATA</tt>) and the target file has the following security
 * descriptor ACEs:
 * <pre>
 * Allow WNET\alice     0x001200A9  Direct
 * Allow Administrators 0x001F01FF  Inherited
 * Allow SYSTEM         0x001F01FF  Inherited
 * </pre>
 * the access check would fail because the direct ACE has an access mask
 * of <tt>0x001200A9</tt> which doesn't have the

# MinIO FTP/SFTP Server

MinIO natively supports FTP/SFTP protocol, this allows any ftp/sftp client to upload and download files.

Currently supported `FTP/SFTP` operations are as follows:

| ftp-client commands | supported |
|:-------------------:|:----------|
| get                 | yes       |
| put                 | yes       |
| ls                  | yes       |
| mkdir               | yes       |
| rmdir               | yes       |

The following arguments are supported:

* `allow_origins` - A list of origins that should be permitted to make cross-origin requests. E.g. `['https://example.org', 'https://www.example.org']`. You can use `['*']` to allow any origin.
* `allow_origin_regex` - A regex string to match against origins that should be permitted to make cross-origin requests. e.g. `'https://.*\.example\.org'`.