Guillaume Nodet <******@****.***> 1729859506 +0200

## Use `CORSMiddleware` { #use-corsmiddleware }

You can configure it in your **FastAPI** application using the `CORSMiddleware`.

* Import `CORSMiddleware`.
* Create a list of allowed origins (as strings).
* Add it as a "middleware" to your **FastAPI** application.

You can also specify whether your backend allows:

	// ErrPreloadNotAllowed preload is not allowed when count is used
	ErrPreloadNotAllowed = errors.New("preload is not allowed when count is used")
	// ErrDuplicatedKey occurs when there is a unique key constraint violation
	ErrDuplicatedKey = errors.New("duplicated key not allowed")
	// ErrForeignKeyViolated occurs when there is a foreign key constraint violation

    }
    expectUnchanged();
  }

  @MapFeature.Require(absent = SUPPORTS_PUT)
  public void testReplaceEntry_unsupportedAbsentKey() {
    try {
      getMap().replace(k3(), v3(), v4());
    } catch (UnsupportedOperationException tolerated) {
      // the operation would be a no-op, so exceptions are allowed but not required
    }
    expectUnchanged();

    }
    expectUnchanged();
  }

  @MapFeature.Require(absent = SUPPORTS_PUT)
  public void testReplaceEntry_unsupportedAbsentKey() {
    try {
      getMap().replace(k3(), v3(), v4());
    } catch (UnsupportedOperationException tolerated) {
      // the operation would be a no-op, so exceptions are allowed but not required
    }
    expectUnchanged();

	if s3Err != ErrNone {
		return cred, s3Err
	}
	if globalIAMSys.IsAllowed(policy.Args{
		AccountName:     cred.AccessKey,
		Groups:          cred.Groups,
		Action:          policy.Action(action),
		ConditionValues: getConditionValues(r, "", cred),
		IsOwner:         owner,
		Claims:          cred.Claims,
	}) {
		// Request is allowed return the appropriate access key.
		return cred, ErrNone
	}

    "--connect-timeout",
  ).help(
    "Maximum time allowed for connection (seconds)",
  ).int()
    .default(DEFAULT_TIMEOUT)

  val readTimeout: Int by option("--read-timeout")
    .help("Maximum time allowed for reading data (seconds)")
    .int()
    .default(DEFAULT_TIMEOUT)

  val callTimeout: Int by option(
    "--call-timeout",
  ).help(
    "Maximum time allowed for the entire call (seconds)",
  ).int()

// errMethodNotAllowed means that method is not allowed.
var errMethodNotAllowed = errors.New("Method not allowed")

// errSignatureMismatch means signature did not match.
var errSignatureMismatch = errors.New("Signature does not match")

// When upload object size is greater than 5G in a single PUT/POST operation.
var errDataTooLarge = errors.New("Object size larger than allowed limit")

	// Only one rule is allowed on AWS S3
	if len(config.Rules) != 1 {
		return nil, errors.New("only one server-side encryption rule is allowed at a time")
	}

	for _, rule := range config.Rules {
		switch rule.DefaultEncryptionAction.Algorithm {
		case AES256:
			if rule.DefaultEncryptionAction.MasterKeyID != "" {
				return nil, errors.New("MasterKeyID is allowed with aws:kms only")
			}
		case AWSKms:

   ├─ CAs
   ├─ private.key
   └─ public.crt
```

You can provide a custom certs directory using `--certs-dir` command line option.

#### Credentials

On MinIO admin credentials or root credentials are only allowed to be changed using ENVs namely `MINIO_ROOT_USER` and `MINIO_ROOT_PASSWORD`.

```sh
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio13
minio server /data
```

#### Site

```
KEY: