E é possível que para o seu caso de uso, a solução está em uma delas.

///

## Leia o Tutorial primeiro { #read-the-tutorial-first }

As próximas seções pressupõem que você já leu o principal [Tutorial - Guia de Usuário: Segurança](../../tutorial/security/index.md).

    /** The Kerberos subject for authentication */
    private Subject subject = null;
    /** The user principal name */
    private String user = null;
    /** The Kerberos realm */
    private String realm = null;
    /** The service principal name */
    private String service = DEFAULT_SERVICE;
    /** The user credential lifetime */
    private int userLifetime = GSSCredential.DEFAULT_LIFETIME;

{
   "Version":"2012-10-17",
   "Id":"PutObjectPolicy1",
   "Statement":[{
         "Sid":"DenyObjectsWithInvalidSSEKMS",
         "Effect":"Deny",
         "Principal":"*",
         "Action":"s3:PutObject",
         "Resource":"arn:aws:s3:::multi-key-poc/*",
         "Condition":{
            "StringNotEquals":{
               "s3:x-amz-server-side-encryption-aws-kms-key-id":"minio-default-key"
            }
         }
      }
   ]

bucketPolicyTemplate := `{"Version":"2012-10-17","Statement":[{"Sid":"","Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:GetBucketLocation","s3:ListBucket"],"Resource":["arn:aws:s3:::%s"]},{"Sid":"","Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:GetObject"],"Resource":["arn:aws:s3:::%s/this*"]}]}`

	bucketPolicyTemplateWithoutVersion := `{"Version":"","Statement":[{"Sid":"","Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:GetBucketLocation","s3:ListBucket"],"Resource":["...

	// StoreExtension - file extension of an event file in store
	StoreExtension = ".event"
)

// Identity represents access key who caused the event.
type Identity struct {
	PrincipalID string `json:"principalId"`
}

// Bucket represents bucket metadata of the event.
type Bucket struct {
	Name          string   `json:"name"`
	OwnerIdentity Identity `json:"ownerIdentity"`
	ARN           string   `json:"arn"`

Las tareas principales que puedes hacer ahora son:

* [Ayudar a otros con preguntas en GitHub](#help-others-with-questions-in-github) (ver la sección arriba).
* [Revisar Pull Requests](#review-pull-requests) (ver la sección arriba).

Esas dos tareas son las que **consumen más tiempo**. Ese es el trabajo principal de mantener FastAPI.

  @MapFeature.Require(value = SUPPORTS_PUT, absent = ALLOWS_NULL_VALUES)
  public void testPutAllNullValueSingle_unsupported() {
    multimap().putAll(k1(), newArrayList((V) null));
    expectUnchanged();
  }

  // In principle, it would be nice to apply these two tests to keys with existing values, too.

  @MapFeature.Require(value = SUPPORTS_PUT, absent = ALLOWS_NULL_VALUES)
  public void testPutAllNullValueNullLast_unsupported() {

	return []miniogopolicy.Statement{
		{
			Effect:    string(policy.Allow),
			Principal: miniogopolicy.User{AWS: set.CreateStringSet("*")},
			Resources: set.CreateStringSet(policy.NewResource(bucketName).String()),
			Actions:   set.CreateStringSet("s3:GetBucketLocation", "s3:ListBucket"),
		},
		{
			Effect:    string(policy.Allow),
			Principal: miniogopolicy.User{AWS: set.CreateStringSet("*")},

var errSftpPublicKeyWithoutCert = errors.New("public key authentication without certificate is not accepted")

// error returned in SFTP when user used certificate which does not contain principal(s)
var errSftpCertWithoutPrincipals = errors.New("certificates without principal(s) are not accepted")

// error returned when group name contains reserved characters

package event

import "net/http"

// Identity represents access key who caused the event.
type Identity struct {
	Type        string `json:"type"`
	PrincipalID string `json:"principalId"`
	AccessKeyID string `json:"accessKeyId"`
}

// UserRequest user request headers
type UserRequest struct {
	URL     string      `json:"url"`
	Headers http.Header `json:"headers"`
}