ErrMissingEnvCredentialRootUser = newErrFn(
		"Missing credential environment variable, \""+EnvRootUser+"\"",
		"Environment variable \""+EnvRootUser+"\" is missing",
		`Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`,
	)

	ErrMissingEnvCredentialRootPassword = newErrFn(
		"Missing credential environment variable, \""+EnvRootPassword+"\"",

	{
		if tlsPrivateKey == "" && tlsPublicCert != "" {
			logger.Fatal(fmt.Errorf("invalid TLS arguments provided missing private key --ftp=\"tls-private-key=path/to/private.key\""), "unable to start FTP server")
		}

		if tlsPrivateKey != "" && tlsPublicCert == "" {
			logger.Fatal(fmt.Errorf("invalid TLS arguments provided missing public cert --ftp=\"tls-public-cert=path/to/public.crt\""), "unable to start FTP server")
		}
		if port == 0 {

out=$(diff -qpruN expanded_ns.txt decommissioned_ns.txt)
ret=$?
if [ $ret -ne 0 ]; then
	echo "BUG: expected no missing entries after decommission: $out"
	exit 1
fi

out=$(diff -qpruN expanded_ns_versions.txt decommissioned_ns_versions.txt)
ret=$?
if [ $ret -ne 0 ]; then
	echo "BUG: expected no missing entries after decommission: $out"
	exit 1
fi

	String  *LiteralString `parser:" | @LitString"`
	Boolean *Boolean       `parser:" | @(\"TRUE\" | \"FALSE\")"`
	Null    bool           `parser:" | @\"NULL\""`
	Missing bool           `parser:" | @\"MISSING\")"`
}

// Identifier represents a parsed identifier
type Identifier struct {
	Unquoted *string           `parser:"  @Ident"`
	Quoted   *QuotedIdentifier `parser:"| @QuotIdent"`
}

		}
		bs, err := elems.MarshalJSON()
		if err != nil {
			return nil, err
		}
		return FromBytes(bs), nil
	case []Value:
		return FromArray(rval), nil
	case nil:
		return FromNull(), nil
	case Missing:
		return FromMissing(), nil
	}
	return nil, fmt.Errorf("Unhandled value type: %T", result)
}

func (e *PrimaryTerm) evalNode(r Record, tableAlias string) (res *Value, err error) {
	switch {

			destBucket:            "destinationbucket",
			sameTarget:            false,
			expectedParsingErr:    nil,
			expectedValidationErr: nil,
		},
		// 4 missing role in config and destination ARN is in legacy format
		{

	// ErrObjectLockMissingContentMD5 - indicates missing Content-MD5 header for put object requests with locking
	ErrObjectLockMissingContentMD5 = errors.New("content-MD5 HTTP header is required for Put Object requests with Object Lock parameters")
	// ErrObjectLockInvalidHeaders indicates that object lock headers are missing

		xhttp.AmzContentSha256,
		xhttp.AmzSecurityToken,
		xhttp.AmzAlgorithm,
		xhttp.AmzDate,
		xhttp.AmzExpires,
		xhttp.AmzSignedHeaders,
		xhttp.AmzCredential,
		xhttp.AmzSignature,
	)

	// Add missing query parameters if any provided in the request URL
	for k, v := range req.Form {
		if !defaultSigParams.Contains(k) {
			query[k] = v
		}
	}

	// Get the encoded query.
	encodedQuery := query.Encode()

		if ok {
			policyName = globalIAMSys.CurrentPolicies(policies)
		}

		if newGlobalAuthZPluginFn() == nil {
			if !ok {
				writeSTSErrorResponse(ctx, w, ErrSTSInvalidParameterValue,
					fmt.Errorf("%s claim missing from the JWT token, credentials will not be generated", iamPolicyClaimNameOpenID()))
				return
			} else if policyName == "" {
				writeSTSErrorResponse(ctx, w, ErrSTSInvalidParameterValue,

	// 4. Verify the policy appears in listing
	ps, err := s.adm.ListCannedPolicies(ctx)
	if err != nil {
		c.Fatalf("policy list err: %v", err)
	}
	_, ok := ps[policy1]
	if !ok {
		c.Fatalf("policy was missing!")
	}

	// 3.2 associate policy to user
	err = s.adm.SetPolicy(ctx, policy2, accessKey, false)
	if err != nil {
		c.Fatalf("Unable to set policy: %v", err)
	}