HandlerFunc(s3APIMiddleware(api.GetBucketLocationHandler)).
			Queries("location", "")
		// GetBucketPolicy
		router.Methods(http.MethodGet).
			HandlerFunc(s3APIMiddleware(api.GetBucketPolicyHandler)).
			Queries("policy", "")
		// GetBucketLifecycle
		router.Methods(http.MethodGet).
			HandlerFunc(s3APIMiddleware(api.GetBucketLifecycleHandler)).
			Queries("lifecycle", "")
		// GetBucketEncryption
		router.Methods(http.MethodGet).

            }
          ]]></code>
        </codeSegment>
      </codeSegments>
    </class>

    <class>
      <name>RepositoryPolicy</name>
      <version>1.0.0</version>
      <description>Download policy</description>
      <fields>
        <field>
          <name>enabled</name>
          <version>1.0.0</version>
          <description>Whether to use this repository for downloading this type of artifact</description>

### Promoted endPort in Network Policy to Stable

Promoted `endPort` in [Network Policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/#targeting-a-range-of-ports) to GA. Network Policy providers that support `endPort` field now can use it to specify a range of ports to apply a Network Policy. Previously, each Network Policy could only target a single port.

   capacity and competence.

 * **Be considerate**: People use our work, and we depend on the work of others. Consider users and
   colleagues before taking action. For example, changes to code, infrastructure, policy, and
   documentation may negatively impact others.

 * **Be respectful**: We expect people to work together to resolve conflict, assume good intentions,
   and act with empathy. Do not turn disagreements into personal attacks.

export MC_HOST_siteb=http://minioadmin:minioadmin@127.0.0.1:9004

./mc ready sitea
./mc ready siteb

./mc admin replicate add sitea siteb

./mc admin user add sitea foobar foo12345

./mc admin policy attach sitea/ consoleAdmin --user=foobar

./mc admin user info siteb foobar

killall -9 minio

echo "turning off root access, however site replication must continue"
export MINIO_API_ROOT_ACCESS=off

	_, err = globalIAMSys.PolicyDBSet(ctx, ucreds.AccessKey, "consoleAdmin", regUser, false)
	if err != nil {
		t.Fatalf("unable to attach policy to credential, %s", err)
	}

	time.Sleep(4 * time.Second)

	policies, err := globalIAMSys.PolicyDBGet(ucreds.AccessKey)
	if err != nil {
		t.Fatalf("unable to get policy to credential, %s", err)
	}

	if len(policies) == 0 {
		t.Fatal("no policies found")
	}

```

If provided, the auth token parameter is sent as an authorization header.

`MINIO_IDENTITY_PLUGIN_ROLE_POLICY` is a required parameter and can be list of comma separated policy names.

      - [Cluster Discovery/Bootstrap](#cluster-discoverybootstrap)
      - [Multi-platform](#multi-platform)
      - [Cloud Providers](#cloud-providers)
    - [Network](#network)
      - [network-policy](#network-policy)
      - [kube-proxy ipvs mode](#kube-proxy-ipvs-mode)
    - [API Machinery](#api-machinery)
      - [kube-apiserver](#kube-apiserver)
      - [Dynamic Admission Control](#dynamic-admission-control)

##### COMPATIBLE_TLS versions

* TLSv1

[OkHttp 3.11][OkHttp311]
------------------------

_2018-07-12_

Added a new extra strict RESTRICTED_TLS configuration inspired by [Google Cloud’s similar policy][googlecloud_ssl_policy]. It is appropriate when both the host platform
(JVM/Conscrypt/Android) and target webserver are current.

##### RESTRICTED_TLS cipher suites

 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

import okhttp3.internal.connection.RealCall
import okhttp3.internal.connection.RealCall.AsyncCall
import okhttp3.internal.okHttpName
import okhttp3.internal.threadFactory
import okhttp3.internal.unmodifiable

/**
 * Policy on when async requests are executed.
 *
 * Each dispatcher uses an [ExecutorService] to run calls internally. If you supply your own
 * executor, it should be able to run [the configured maximum][maxRequests] number of calls