# How to secure access to MinIO on Kubernetes with TLS [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)

This document explains how to configure MinIO server with TLS certificates on Kubernetes.

## 1. Prerequisites

- Familiarity with [MinIO deployment process on Kubernetes](https://min.io/docs/minio/kubernetes/upstream/operations/installation.html).

- Kubernetes cluster with `kubectl` configured.

If you want to secure your API, there are several better things you can do, for example:

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.

introdusă este incorectă",andSpaces:" şi spaţierea",badInt:"Numărul introdus este incorect",badSecurityNumber:"Numărul de asigurare introdus este incorect",badUKVatAnswer:"Numărul CIF introdus este incorect",badStrength:"Parola Dvs nu este suficient de sigură",badNumberOfSelectedOptionsStart:"Trebuie să alegi măcar ",badNumberOfSelectedOptionsEnd:" răspunsuri",badAlphaNumeric:"Valoarea introdusă trebuie să con însă doar caractere alfanumerice ",badAlphaNumericExtra:" și ",wrongFileSize:"Fisierul trimis...

	stsEndpointURL, err := url.Parse(stsEndpoint)
	if err != nil {
		log.Fatalf("Error parsing sts endpoint: %v", err)
	}
	copts := &minio.Options{
		Creds:  li,
		Secure: stsEndpointURL.Scheme == "https",
	}
	minioClient, err := minio.New(stsEndpointURL.Host, copts)
	if err != nil {
		log.Fatalf("Error initializing client: ", err)
	}

        this.queryId = value;
    }

    public String getUrl() {
        checkSpecifiedProperty("url");
        return convertEmptyToNull(url);
    }

    public void setUrl(String value) {
        registerModifiedProperty("url");
        this.url = value;
    }

    public String getUserInfoId() {
        checkSpecifiedProperty("userInfoId");

///

A única coisa nova é o argumento `callbacks=invoices_callback_router.routes` no decorador da *operação de rota*. Veremos o que é isso a seguir.

## Documentando o callback

O código real do callback dependerá muito do seu próprio aplicativo de API.

E provavelmente variará muito de um aplicativo para o outro.

* **Senha segura** _hashing_ por padrão.
* Autenticação **Token JWT**.
* Modelos **SQLAlchemy** (independente de extensões Flask, para que eles possam ser usados com _workers_ Celery diretamente).

@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Documented
public @interface Secured {
    /**
     * Returns the list of security configuration attributes (e.g. ROLE_USER, ROLE_ADMIN).
     *
     * @return String[] The secure method attributes
     */
    String[] value();

        assertNotNull(new License().toString());
    }

    public void testToStringNotNonsense() {
        License license = new License();
        license.setName("Unlicense");
        license.setUrl("http://lic.localdomain");

        String s = license.toString();

        assert "License {name=Unlicense, url=http://lic.localdomain}".equals(s) : s;
    }

   *
   * @deprecated If you must interoperate with a system that requires MD5, then use this method,
   *     despite its deprecation. But if you can choose your hash function, avoid MD5, which is
   *     neither fast nor secure. As of January 2017, we suggest:
   *     <ul>
   *       <li>For security:
   *           {@link Hashing#sha256} or a higher-level API.
   *       <li>For speed: {@link Hashing#goodFastHash}, though see its docs for caveats.