Install the chart, specifying the users you want to create after install: ```bash helm install --set users[0].accessKey=accessKey,users[0].secretKey=secretKey,users[0].policy=none,users[1].accessKey=accessKey2,users[1].secretRef=existingSecret,users[1].secretKey=password,users[1].policy=none minio/minio ``` Description of the configuration parameters used above - - `users[].accessKey` - accessKey of user - `users[].secretKey` - secretKey of usersecretRef - `users[].existingSecret` - secret name that contains...

Install the chart, specifying the users you want to create after install: ```bash helm install --set users[0].accessKey=accessKey,users[0].secretKey=secretKey,users[0].policy=none,users[1].accessKey=accessKey2,users[1].secretRef=existingSecret,users[1].secretKey=password,users[1].policy=none minio/minio ``` Description of the configuration parameters used above - - `users[].accessKey` - accessKey of user - `users[].secretKey` - secretKey of usersecretRef - `users[].existingSecret` - secret name that contains...

	"os"
	"testing"

	jwtgo "github.com/golang-jwt/jwt/v4"
	xjwt "github.com/minio/minio/internal/jwt"
)

func getTokenString(accessKey, secretKey string) (string, error) {
	claims := xjwt.NewMapClaims()
	claims.SetExpiry(UTCNow().Add(defaultJWTExpiry))
	claims.SetAccessKey(accessKey)
	token := jwtgo.NewWithClaims(jwtgo.SigningMethodHS512, claims)
	return token.SignedString([]byte(secretKey))
}

					_ = store.deleteUserIdentity(ctx, u.AccessKey, svcUser)
					delete(cache.iamUsersMap, u.AccessKey)
				case u.IsTemp():
					_ = store.deleteUserIdentity(ctx, u.AccessKey, stsUser)
					delete(cache.iamSTSAccountsMap, u.AccessKey)
					delete(cache.iamUsersMap, u.AccessKey)
				}
				if store.group != nil {
					store.group.Forget(u.AccessKey)
				}
			}
		}
	}

	return nil
}

// Sign given request using Signature V2.
func signRequestV2(req *http.Request, accessKey, secretKey string) error {
	signer.SignV2(*req, accessKey, secretKey, false)
	return nil
}

// Sign given request using Signature V4.
func signRequestV4(req *http.Request, accessKey, secretKey string) error {
	// Get hashed payload.
	hashedPayload := req.Header.Get("x-amz-content-sha256")

	"testing"

	"github.com/minio/madmin-go/v3"
	"github.com/minio/minio/internal/auth"
)

func TestDecryptData(t *testing.T) {
	cred1 := auth.Credentials{
		AccessKey: "minio",
		SecretKey: "minio123",
	}

	cred2 := auth.Credentials{
		AccessKey: "minio",
		SecretKey: "minio1234",
	}

	data := []byte(`config data`)
	edata1, err := madmin.EncryptData(cred1.String(), data)
	if err != nil {
		t.Fatal(err)
	}

ct":"Allow","Action":["s3:PutObject"],"Resource":["arn:aws:s3:::*"]}]}} iam-assets/users.json {} iam-assets/groups.json {} iam-assets/svcaccts.json {"dillon-service-2":{"parent":"oCnAoSQFtdVQtKwrB73j","accessKey":"dillon-service-2","secretKey":"dillon-service-2","groups":null,"claims":{"accessKey":"dillon-service-2","at_hash":"LL4jvrkBRNQhOKiC83RL","aud":"minio-client-app","c_hash":"fjGB4ldChsaf9vSFdZ1P","email":"******@****.***","email_verified":true,"groups":["projecta","projectb"],"iat":172...

		zb0001--
		field, err = dc.ReadMapKeyPtr()
		if err != nil {
			err = msgp.WrapError(err)
			return
		}
		switch msgp.UnsafeString(field) {
		case "AccessKey":
			z.AccessKey, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "AccessKey")
				return
			}
		case "SecretKey":
			z.SecretKey, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "SecretKey")
				return
			}

	var accessKey, secretKey string
	if test.asRoot {
		accessKey, secretKey = globalActiveCred.AccessKey, globalActiveCred.SecretKey
	} else {
		setupKMSUser(t, userAccessKey, userSecretKey, test.policy)
		accessKey = userAccessKey
		secretKey = userSecretKey
	}

	req := buildKMSRequest(t, test.method, test.path, accessKey, secretKey, test.query)
	rec := httptest.NewRecorder()

	if err != nil {
		t.Fatal(err)
	}

	if err = signRequestV4(req, globalActiveCred.AccessKey, globalActiveCred.SecretKey); err != nil {
		t.Fatal(err)
	}

	_, owner, s3Err := checkKeyValid(req, globalActiveCred.AccessKey)
	if s3Err != ErrNone {
		t.Fatalf("Unexpected failure with %v", errorCodes.ToAPIErr(s3Err))
	}

	if !owner {