policy := "mypolicy-test-user-update"
	policyBytes := fmt.Appendf(nil, `{
 "Version": "2012-10-17",
 "Statement": [
  {
   "Effect": "Allow",
   "Action": [
    "s3:ListBucket"
   ],
   "Resource": [
    "arn:aws:s3:::%s"
   ]
  },
  {
   "Effect": "Allow",
   "Action": [
    "s3:PutObject",
    "s3:GetObject"
   ],
   "Resource": [
    "arn:aws:s3:::%s/*"
   ]
  }
 ]

    public static final int FLAGS_INHERITED = 0x10;

    boolean allow;
    int flags;
    int access;
    SID sid;

    /**
     * Returns true if this ACE is an allow ACE and false if it is a deny ACE.
     * @return true if this is an allow ACE, false if it is a deny ACE
     */
    public boolean isAllow() {
        return allow;
    }

    /**

        // Check all CORS headers are present
        assertNotNull(responseHeaders.get("Access-Control-Allow-Origin"), "Allow-Origin header should be set");
        assertNotNull(responseHeaders.get("Access-Control-Allow-Methods"), "Allow-Methods header should be set");
        assertNotNull(responseHeaders.get("Access-Control-Allow-Headers"), "Allow-Headers header should be set");

* `allow_origin_regex` - A regex string to match against origins that should be permitted to make cross-origin requests. e.g. `'https://.*\.example\.org'`.
* `allow_methods` - A list of HTTP methods that should be allowed for cross-origin requests. Defaults to `['GET']`. You can use `['*']` to allow all standard methods.

        server site1-minio4:9000;
    }

    server {
        listen       9001;
        listen  [::]:9001;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering

        server site2-minio4:9000;
    }

    server {
        listen       9002;
        listen  [::]:9002;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering

    @BeforeEach
    void setUp() {
        ace = new ACE();
    }

    @Test
    @DisplayName("Test decode with allow ACE")
    void testDecodeAllowACE() throws Exception {
        // Prepare test data - Allow ACE
        testBuffer = new byte[100];
        testBuffer[0] = 0x00; // Allow ACE
        testBuffer[1] = 0x03; // FLAGS_OBJECT_INHERIT | FLAGS_CONTAINER_INHERIT
        testBuffer[2] = 0x20; // Size low byte (32)

        server minio4:9001;
    }

    server {
        listen       9000;
        listen  [::]:9000;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering

///

### Enable Proxy Forwarded Headers { #enable-proxy-forwarded-headers }

You can start FastAPI CLI with the *CLI Option* `--forwarded-allow-ips` and pass the IP addresses that should be trusted to read those forwarded headers.

If you set it to `--forwarded-allow-ips="*"` it would trust all the incoming IPs.

    }

    # main minio
    server {
        listen       9000;
        listen  [::]:9000;
        server_name  localhost;

         # To allow special characters in headers
         ignore_invalid_headers off;
         # Allow any size file to be uploaded.
         # Set to a value such as 1000m; to restrict file size to a specific value
         client_max_body_size 0;
         # To disable buffering