if err := config.CheckValidKeys(subSysTarget, kv, DefaultLoggerWebhookKVS); err != nil {
			return cfg, err
		}
		enableCfgVal := getCfgVal(EnvLoggerWebhookEnable, k, kv.Get(config.Enable))
		enable, err := config.ParseBool(enableCfgVal)
		if err != nil || !enable {
			continue
		}
		var url *xnet.URL
		endpoint := getCfgVal(EnvLoggerWebhookEndpoint, k, kv.Get(Endpoint))
		url, err = xnet.ParseHTTPURL(endpoint)
		if err != nil {

	AmbientDNSCapture bool

	// Whether ipv6 is enabled for ambient capture
	AmbientIPv6 bool
}

// RepairConfig struct defines the Istio CNI race repair configuration
type RepairConfig struct {
	// Whether to enable CNI race repair
	Enabled bool

	// The node name that the CNI DaemonSet runs on
	NodeName string

	// Key and value for broken pod label
	LabelKey   string
	LabelValue string

		}

		// Use the user provided ID here.
		resourceID += roleID
	}

	roleArn, err := arn.NewIAMRoleARN(resourceID, serverRegion)
	if err != nil {
		return args, config.Errorf("unable to generate ARN from the plugin config: %v", err)
	}

	args = Args{
		URL:         u,
		AuthToken:   authToken,
		Transport:   transport,
		CloseRespFn: closeRespFn,
		RolePolicy:  rolePolicy,

			continue
		}
		return false, Errorf("key '%s', cannot have empty value", kv[0])
	}

	_, ok := kvs.Lookup(Enable)
	// Check if state is required
	_, enableRequired := defaultKVS[subSys].Lookup(Enable)
	if !ok && enableRequired {
		// implicit state "on" if not specified.
		kvs.Set(Enable, EnableOn)
	}

	var currKVS KVS
	ck, ok := c[subSys][tgt]
	if !ok {
		currKVS = defaultKVS[subSys].Clone()

// Authorization Plugin config and env variables
const (
	URL         = "url"
	AuthToken   = "auth_token"
	EnableHTTP2 = "enable_http2"

	EnvPolicyPluginURL         = "MINIO_POLICY_PLUGIN_URL"
	EnvPolicyPluginAuthToken   = "MINIO_POLICY_PLUGIN_AUTH_TOKEN"
	EnvPolicyPluginEnableHTTP2 = "MINIO_POLICY_PLUGIN_ENABLE_HTTP2"
)

// DefaultKVS - default config for Authz plugin config
var (
	DefaultKVS = config.KVS{
		config.KV{

	}
	l.LDAP = ldap.Config{
		RootCAs:       rootCAs,
		ServerAddr:    ldapServer,
		SRVRecordName: getCfgVal(SRVRecordName),
	}

	// Parse explicitly set enable=on/off flag.
	isEnableFlagExplicitlySet := false
	if v := getCfgVal(config.Enable); v != "" {
		isEnableFlagExplicitlySet = true
		l.LDAP.Enabled, err = config.ParseBool(v)
		if err != nil {
			return l, err
		}
	}

)

const (
	// EnvIdentityTLSEnabled is an environment variable that controls whether the X.509
	// TLS STS API is enabled. By default, if not set, it is enabled.
	EnvIdentityTLSEnabled = "MINIO_IDENTITY_TLS_ENABLE"

	// EnvIdentityTLSSkipVerify is an environment variable that controls whether
	// MinIO verifies the client certificate present by the client
	// when requesting temp. credentials.