secretKey:          creds.SecretKey,
			body:               []byte(`<LifecycleConfiguration><Rule><ID>id</ID><Filter><Prefix>logs/</Prefix><Tag><Key>Key1</Key><Value>Value1</Value></Tag></Filter><Status>Enabled</Status><Expiration><Days>365</Days></Expiration></Rule></LifecycleConfiguration>`),
			expectedRespStatus: http.StatusBadRequest,
			lifecycleResponse:  []byte(``),
			errorResponse: APIErrorResponse{

			expectedErr: errInvalidStorageClass,
		},
		{
			// no transition rule
			xml:         []byte(`<LifecycleConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Rule><ID>rule</ID><Prefix /><Status>Enabled</Status><Expiration><Days>1</Days></Expiration></Rule></LifecycleConfiguration>`),

## Configuring OpenID Identity Provider on MinIO

Further, the temp. S3 credentials will never out-live the client certificate. For example, if the `MINIO_IDENTITY_TLS_STS_EXPIRY` is 7 days but the certificate itself is only valid for the next 3 days, then MinIO will return S3 credentials that are valid for 3 days only.

## Caveat

		return fmt.Errorf("OutputLocation required for SELECT requests")
	}

	if r.Days != 0 && r.Type == SelectRestoreRequest {
		return fmt.Errorf("Days cannot be specified with SELECT restore request")
	}
	if r.Days == 0 && r.Type != SelectRestoreRequest {
		return fmt.Errorf("restoration days should be at least 1")
	}
	// Check if bucket exists.
	if !r.OutputLocation.IsEmpty() {

concurrency:
  group: lock

jobs:
  action:
    runs-on: ubuntu-latest
    steps:
      - uses: dessant/lock-threads@v3
        with:
          github-token: ${{ github.token }}
          issue-inactive-days: '365'
          exclude-any-issue-labels: 'do-not-close'
          issue-lock-reason: 'resolved'

func TestPrepareUpdateMessage(t *testing.T) {
	testCases := []struct {
		older time.Duration
		dlURL string

		expectedSubStr string
	}{
		// Testcase index 0
		{72 * time.Hour, "my_download_url", "3 days before the latest release"},
		{3 * time.Hour, "https://my_download_url_is_huge/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "3 hours before the latest release"},
		{-72 * time.Hour, "another_update_url", ""},

	}
	return FromTimestamp(t.Add(duration)), nil
}

// dateDiff computes the difference between two times in terms of the
// `timePart` which can be years, months, days, hours, minutes or
// seconds. For difference in years, months or days, the time part,
// including timezone is ignored.
func dateDiff(timePart string, ts1, ts2 time.Time) (*Value, error) {
	if ts2.Before(ts1) {
		v, err := dateDiff(timePart, ts2, ts1)

```
...
        "MetaUsr": {
         "X-Amz-Restore-Expiry-Days": "4",
          "X-Amz-Restore-Request-Date": "Mon, 22 Feb 2021 21:10:09 GMT",
          "x-amz-restore": "ongoing-request=false, expiry-date=Sat, 27 Feb 2021 00:00:00 GMT",
...
```

### Encrypted/Object locked objects

		formValues.Set("X-Amz-Credential", tt.XAmzCredential)
		if tt.Expired {
			// Expired already.
			pp.SetExpires(UTCNow().AddDate(0, 0, -10))
		} else {
			// Expires in 10 days.
			pp.SetExpires(UTCNow().AddDate(0, 0, 10))
		}

		formValues.Set("Policy", base64.StdEncoding.EncodeToString([]byte(pp.String())))
		formValues.Set("Success_action_status", tt.SuccessActionStatus)