makePolicyJob: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 resources: requests: memory: 128Mi # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

makePolicyJob: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 resources: requests: memory: 128Mi # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

makePolicyJob: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 resources: requests: memory: 128Mi # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

Agora você pode obter o usuário atual diretamente na sua *função de operação de rota*.

Já estamos na metade do caminho.

Só precisamos adicionar uma *operação de rota* para que o usuário/cliente realmente envie o `username` e `password`.

			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         KafkaSASLPassword,
			Description: "password for SASL/PLAIN or SASL/SCRAM authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
			Secret:      true,
		},
		config.HelpKV{
			Key:         KafkaSASLMechanism,

Create new users following the multi-user guide [here](https://docs.min.io/community/minio-object-store/administration/identity-access-management.html)

### Testing an example with awscli tool

> Use the same username and password created in the previous steps.

```
[foobar]
region = us-east-1
aws_access_key_id = foobar
aws_secret_access_key = foo12345
```

	EnvKESServerCA       = "MINIO_KMS_KES_CAPATH"       // Path to file/directory containing CA certificates to verify the KES server certificate
	EnvKESClientPassword = "MINIO_KMS_KES_KEY_PASSWORD" // Optional password to decrypt an encrypt TLS private key
)

// Environment variables for static KMS key.
const (

@REM Apache Maven Wrapper startup batch script, version 3.3.4
@REM
@REM Optional ENV vars
@REM   MVNW_REPOURL - repo url base for downloading maven distribution
@REM   MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
@REM   MVNW_VERBOSE - true: enable verbose log; others: silence the output
@REM ----------------------------------------------------------------------------

    * `implicit`
    * `clientCredentials`
    * `authorizationCode`
  * Pero hay un "flujo" específico que puede usarse perfectamente para manejar la autenticación directamente en la misma aplicación:
    * `password`: algunos de los próximos capítulos cubrirán ejemplos de esto.
* `openIdConnect`: tiene una forma de definir cómo descubrir automáticamente los datos de autenticación OAuth2.

而且，所有端点（或它们的任何部件）都可以利用这些依赖项或任何其它依赖项。

所有*路径操作*只需 3 行代码就可以了：

{* ../../docs_src/security/tutorial002.py hl[30:32] *}

## 小结

现在，我们可以直接在*路径操作函数*中获取当前用户。

至此，安全的内容已经讲了一半。

只要再为用户或客户端的*路径操作*添加真正发送 `username` 和 `password` 的功能就可以了。