Release v0.36.0 (#2988 )

Update Settings Page components (#2986 )
Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>
2023-08-10 11:59:15 -07:00 · 2023-08-09 18:30:42 -06:00 · 2023-08-09 12:06:17 -06:00 · 2023-08-09 10:29:41 -07:00 · 2023-08-04 13:45:41 -06:00 · 2023-08-03 20:21:44 -07:00
2843 changed files with 167494 additions and 374573 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,48 @@
 ---
 name: Bug report
 about: Create a report to help us improve
 title: ''
 labels: community, triage
 assignees: ''
 ---
 ## NOTE
 If this case is urgent, please subscribe to [Subnet](https://min.io/pricing) so that our 24/7 support team may help you faster.
 <!--- Provide a general summary of the issue in the title above -->
 ## Expected Behavior
 <!--- If you're describing a bug, tell us what should happen -->
 <!--- If you're suggesting a change/improvement, tell us how it should work -->
 ## Current Behavior
 <!--- If describing a bug, tell us what happens instead of the expected behavior -->
 <!--- If suggesting a change/improvement, explain the difference from current behavior -->
 ## Possible Solution
 <!--- Not obligatory, but suggest a fix/reason for the bug, -->
 <!--- or ideas how to implement the addition or change -->
 ## Steps to Reproduce (for bugs)
 <!--- Provide a link to a live example, or an unambiguous set of steps to -->
 <!--- reproduce this bug. Include code to reproduce, if relevant -->
 1.
 2.
 3.
 4.
 ## Context
 <!--- How has this issue affected you? What are you trying to accomplish? -->
 <!--- Providing context helps us come up with a solution that is most useful in the real world -->
 ## Regression
 <!-- Is this issue a regression? (Yes / No) -->
 <!-- If Yes, optionally please include the MinIO version or commit id or PR# that caused this regression, if you have these details. -->
 ## Your Environment
 <!--- Include as many relevant details about the environment you experienced the bug in -->
 * MinIO version used (`minio --version`):
 * Server setup and configuration:
 * Operating System and version (`uname -a`):
--- a/.github/workflows/compiles.yml
+++ b/.github/workflows/compiles.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Compiles on Go ${{ matrix.go-version }} and ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make console
--- a/.github/workflows/cross-compile.yaml
+++ b/.github/workflows/cross-compile.yaml
@@ -0,0 +1,166 @@
 # @format
 name: Cross Compile
 on:
  pull_request:
    branches:
      - master
    paths:
      - go.sum
 # This ensures that previous jobs for the PR are canceled when the PR is
 # updated.
 concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref }}
  cancel-in-progress: true
 jobs:
  cross-compile-1:
    name: Cross compile
    needs:
      - lint-job
      - ui-assets
      - reuse-golang-dependencies
      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [ 1.19.x, 1.20.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Check out code
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v3
        with:
          go-version: ${{ matrix.go-version }}
          cache: true
        id: go
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'linux/ppc64le linux/mips64'"
  cross-compile-2:
    name: Cross compile 2
    needs:
      - lint-job
      - ui-assets
      - reuse-golang-dependencies
      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [ 1.20.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Check out code
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v3
        with:
          go-version: ${{ matrix.go-version }}
          cache: true
        id: go
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'linux/arm64 linux/s390x'"
  cross-compile-3:
    name: Cross compile 3
    needs:
      - lint-job
      - ui-assets
      - reuse-golang-dependencies
      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [ 1.20.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Check out code
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v3
        with:
          go-version: ${{ matrix.go-version }}
          cache: true
        id: go
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'darwin/amd64 freebsd/amd64'"
  cross-compile-4:
    name: Cross compile 4
    needs:
      - lint-job
      - ui-assets
      - reuse-golang-dependencies
      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [ 1.20.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Check out code
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v3
        with:
          go-version: ${{ matrix.go-version }}
          cache: true
        id: go
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'windows/amd64 linux/arm'"
  cross-compile-5:
    name: Cross compile 5
    needs:
      - lint-job
      - ui-assets
      - reuse-golang-dependencies
      - semgrep-static-code-analysis
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [ 1.20.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Check out code
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v3
        with:
          go-version: ${{ matrix.go-version }}
          cache: true
        id: go
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'linux/386 netbsd/amd64'"
--- a/.github/workflows/crosscompile-1.yml
+++ b/.github/workflows/crosscompile-1.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Cross compile
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'linux/ppc64le linux/mips64'"
--- a/.github/workflows/crosscompile-2.yml
+++ b/.github/workflows/crosscompile-2.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Cross compile
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'linux/arm64 linux/s390x'"
--- a/.github/workflows/crosscompile-3.yml
+++ b/.github/workflows/crosscompile-3.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Cross compile
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'darwin/amd64 freebsd/amd64'"
--- a/.github/workflows/crosscompile-4.yml
+++ b/.github/workflows/crosscompile-4.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Cross compile
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'windows/amd64 linux/arm'"
--- a/.github/workflows/crosscompile-5.yml
+++ b/.github/workflows/crosscompile-5.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Cross compile
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make crosscompile arg1="'linux/386 netbsd/amd64'"
--- a/.github/workflows/go-test-pkg.yml
+++ b/.github/workflows/go-test-pkg.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Test Pkg on Go ${{ matrix.go-version }} and ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make test-pkg
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Test Restapi on Go ${{ matrix.go-version }} and ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make test
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -1,38 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 # This ensures that previous jobs for the PR are canceled when the PR is
 # updated.
 concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref }}
  cancel-in-progress: true
 jobs:
  minio-test:
    name: Integration Tests with Latest Distributed MinIO
    runs-on: ubuntu-latest
    strategy:
      matrix:
        go-version: [1.17.x]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        run: |
          make test-integration
--- a/.github/workflows/issues.yaml
+++ b/.github/workflows/issues.yaml
@@ -0,0 +1,18 @@
 # @format
 name: Issue Workflow
 on:
  issues:
    types:
      - opened
 jobs:
  add-to-project:
    name: Add issue to project
    runs-on: ubuntu-latest
    steps:
      - uses: actions/add-to-project@v0.5.0
        with:
          project-url: https://github.com/orgs/miniohq/projects/2
          github-token: ${{ secrets.BOT_PAT }}
--- a/.github/workflows/jobs.yaml
+++ b/.github/workflows/jobs.yaml
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,34 +0,0 @@
 name: Go
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 jobs:
  build:
    name: Checking Lint
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.17.x]
        os: [ubuntu-latest]
    steps:
      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
        uses: actions/setup-go@v2
        with:
          go-version: ${{ matrix.go-version }}
        id: go
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
      - name: Build on ${{ matrix.os }}
        env:
          GO111MODULE: on
          GOOS: linux
        run: |
          make verifiers
--- a/.github/workflows/react.yml
+++ b/.github/workflows/react.yml
@@ -1,15 +0,0 @@
 name: "React Tests"
 on:
  push:
  pull_request:
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Install modules
        working-directory: ./portal-ui
        run: yarn
      - name: Run tests
        working-directory: ./portal-ui
        run: yarn test
--- a/.github/workflows/vulncheck.yaml
+++ b/.github/workflows/vulncheck.yaml
@@ -0,0 +1,51 @@
 name: Vulnerability Check
 on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
 permissions:
  contents: read # to fetch code (actions/checkout)
 jobs:
  vulncheck:
    name: Analysis
    runs-on: ubuntu-latest
    steps:
      - name: Check out code into the Go module directory
        uses: actions/checkout@v3
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
          go-version: 1.20.x
          check-latest: true
      - name: Get official govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
        shell: bash
      - name: Run govulncheck
        run: govulncheck ./...
        shell: bash
  react-code-known-vulnerabilities:
    name: "React Code Has No Known Vulnerable Deps"
    runs-on: ubuntu-latest
    strategy:
      matrix:
        go-version: [ 1.20.x ]
        os: [ ubuntu-latest ]
    steps:
      - name: Check out code
        uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NVMRC }}
          cache: "yarn"
          cache-dependency-path: portal-ui/yarn.lock
      - name: Checks for known security issues with the installed packages
        working-directory: ./portal-ui
        continue-on-error: false
        run: |
          yarn audit --groups dependencies
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,13 @@
 # Playwright Data
 portal-ui/storage/
 portal-ui/playwright/.auth/admin.json
 # Report from Playwright
 portal-ui/playwright-report/
 # Coverage from Playwright
 portal-ui/.nyc_output/
 # Binaries for programs and plugins
 *.exe
 *.exe~
@@ -19,6 +29,7 @@ vendor/
 # Ignore executables
 target/
 !pkg/logger/target/
 console
 !console/
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -5,23 +5,32 @@ linters-settings:
  misspell:
    locale: US
  goheader:
    values:
      regexp:
        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
    template-path: .license.tmpl
 linters:
  disable-all: true
  enable:
    - typecheck
    - goimports
    - misspell
    - govet
    - revive
    - ineffassign
    - gosimple
-    - deadcode
+    - gomodguard
-    - unparam
+    - gofmt
    - unused
-    - structcheck
+    - staticcheck
    - unconvert
    - gocritic
    - gofumpt
    - durationcheck
 service:
-  golangci-lint-version: 1.27.0 # use the fixed version to not introduce new linters unexpectedly
+  golangci-lint-version: 1.43.0 # use the fixed version to not introduce new linters unexpectedly
 issues:
  exclude-use-default: false
@@ -36,3 +45,5 @@ issues:
 run:
  skip-dirs:
    - pkg/clientgen
    - pkg/apis/networking.gke.io
    - restapi/operations
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -1,195 +0,0 @@
 # This is an example goreleaser.yaml file with some sane defaults.
 # Make sure to check the documentation at http://goreleaser.com
 project_name: console
 release:
   name_template: "Release version {{.Tag}}"
   github:
    owner: minio
    name: console
   extra_files:
     - glob: "*.minisig"
 before:
  hooks:
    # you may remove this if you don't use vgo
    - go mod tidy
 builds:
  -
    goos:
      - linux
      - darwin
      - windows
    goarch:
      - amd64
      - ppc64le
      - s390x
      - arm64
    ignore:
      - goos: darwin
        goarch: arm
      - goos: windows
        goarch: arm64
      - goos: windows
        goarch: arm
    env:
      - CGO_ENABLED=0
    main: ./cmd/console/
    flags:
      - -trimpath
      - --tags=kqueue
    ldflags:
      - -s -w -X github.com/minio/console/pkg.ReleaseTag={{.Tag}} -X github.com/minio/console/pkg.CommitID={{.FullCommit}} -X github.com/minio/console/pkg.Version={{.Version}} -X github.com/minio/console/pkg.ShortCommitID={{.ShortCommit}} -X github.com/minio/console/pkg.ReleaseTime={{.Date}}
 archives:
  -
    name_template: "{{ .ProjectName }}-{{ .Os }}-{{ .Arch }}"
    format: binary
    replacements:
      arm: arm
 signs:
  -
    signature: "${artifact}.minisig"
    cmd: "sh"
    args:
      - '-c'
      - 'minisign -s /media/${USER}/minio/minisign.key -Sm ${artifact} < /media/${USER}/minio/minisign-passphrase'
    artifacts: all
 snapshot:
  name_template: v0.0.0@{{.ShortCommit}}
 changelog:
  sort: asc
 nfpms:
  -
    vendor: MinIO, Inc.
    homepage: https://github.com/minio/console
    maintainer: MinIO Development <dev@min.io>
    description: MinIO Console Server
    license: GNU Affero General Public License v3.0
    formats:
      - deb
      - rpm
    contents:
      # Basic file that applies to all packagers
      - src: systemd/console.service
        dst: /etc/systemd/system/minio-console.service
 dockers:
 - image_templates:
  - "minio/console:{{ .Tag }}-amd64"
  use: buildx
  goarch: amd64
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/amd64"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "minio/console:{{ .Tag }}-ppc64le"
  use: buildx
  goarch: ppc64le
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/ppc64le"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "minio/console:{{ .Tag }}-s390x"
  use: buildx
  goarch: s390x
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/s390x"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "minio/console:{{ .Tag }}-arm64"
  use: buildx
  goarch: arm64
  goos: linux
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/arm64"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "quay.io/minio/console:{{ .Tag }}-amd64"
  use: buildx
  goarch: amd64
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/amd64"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "quay.io/minio/console:{{ .Tag }}-ppc64le"
  use: buildx
  goarch: ppc64le
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/ppc64le"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "quay.io/minio/console:{{ .Tag }}-s390x"
  use: buildx
  goarch: s390x
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/s390x"
  - "--build-arg=TAG={{ .Tag }}"
 - image_templates:
  - "quay.io/minio/console:{{ .Tag }}-arm64"
  use: buildx
  goarch: arm64
  goos: linux
  dockerfile: Dockerfile.release
  extra_files:
    - LICENSE
    - CREDITS
  build_flag_templates:
  - "--platform=linux/arm64"
  - "--build-arg=TAG={{ .Tag }}"
 docker_manifests:
 - name_template: minio/console:{{ .Tag }}
  image_templates:
  - minio/console:{{ .Tag }}-amd64
  - minio/console:{{ .Tag }}-arm64
  - minio/console:{{ .Tag }}-ppc64le
  - minio/console:{{ .Tag }}-s390x
 - name_template: quay.io/minio/console:{{ .Tag }}
  image_templates:
  - quay.io/minio/console:{{ .Tag }}-amd64
  - quay.io/minio/console:{{ .Tag }}-arm64
  - quay.io/minio/console:{{ .Tag }}-ppc64le
  - quay.io/minio/console:{{ .Tag }}-s390x
 - name_template: minio/console:latest
  image_templates:
  - minio/console:{{ .Tag }}-amd64
  - minio/console:{{ .Tag }}-arm64
  - minio/console:{{ .Tag }}-ppc64le
  - minio/console:{{ .Tag }}-s390x
--- a/.license.tmpl
+++ b/.license.tmpl
@@ -0,0 +1,15 @@
 This file is part of MinIO Console Server
 {{copyright-holder}} MinIO, Inc.
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
--- a/.nvmrc
+++ b/.nvmrc
@@ -0,0 +1 @@
 18
--- a/.semgrepignore
+++ b/.semgrepignore
@@ -0,0 +1,35 @@
 # Ignore git items
 .gitignore
 .git/
 :include .gitignore
 # Common large paths
 node_modules/
 portal-ui/node_modules/
 build/
 dist/
 .idea/
 vendor/
 .env/
 .venv/
 .tox/
 *.min.js
 # Common test paths
 test/
 tests/
 *_test.go
 # Semgrep rules folder
 .semgrep
 # Semgrep-action log folder
 .semgrep_logs/
 # Ignore VsCode files
 .vscode/
 *.code-workspace
 *~
 .eslintcache
 consoleApi.ts
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,109 @@
 <!-- @format -->
 # Changelog
 ## Release v0.36.0
 Features:
 - Updated Settings page components
 Bug Fix:
 - Show LDAP Enabled value LDAP configuration
 - Download multiple objects in same path as they were selected
 ## Release v0.35.1
 Bug Fix:
 - Change timestamp format for zip creation
 ## Release v0.35.0
 Features:
 - Add Exclude Folders and Exclude Prefixes during bucket creation
 - Download multiple selected objects as zip and ignore deleted objects
 - Updated Call Home, Inspet, Profile and Health components
 Bug Fix:
 - Remove extra white spaces for configuration strings
 - Allow Create New Path in bucket view when having right permissions
 ## Release v0.34.0
 Features:
 - Updated Buckets components
 Bug Fix:
 - Fixed SUBNET Health report upload
 - Updated Download Handler
 - Fixes issue with rewind
 - Avoid 1 hour expiration for IDP credentials
 ---
 ## Release v0.33.0
 Features:
 - Updated OpenID, LDAP components
 Bug Fix:
 - Fixed security issues
 - Fixed navigation issues in Object Browser
 - Fixed Dashboard metrics
 ---
 ## Release v0.32.0
 Features:
 - Updated Users and Groups components
 - Added placeholder image for Help Menu
 Bug Fix:
 - Fixed memory leak in WebSocket API for Object Browser
 ---
 ## Release v0.31.0
 **Breaking Changes:**
 - **Removed support for Standalone Deployments**
 Features:
 - Updated way files are displayed in uploading component
 - Updated Audit Logs and Policies components
 Bug Fix:
 - Fixed Download folders issue in Object Browser
 - Added missing Notification Events (ILM & REPLICA) in Events Notification Page
 - Fixed Security Vulnerability for `semver` dependency
 ---
 ## Release v0.30.0
 Features:
 - Added MinIO Console Help Menu
 - Updated UI Menu components
 Bug Fix:
 - Disable the Upload button on Object Browser if the user is not allowed
 - Fixed security vulnerability for `lestrrat-go/jwx` and `fast-xml-parser`
 - Fixed bug on sub-paths for Object Browser
 - Reduce the number of calls to `/session` API endpoint to improve performance
 - Rolled back the previous change for the Share File feature to no longer ask for Service Account access keys
--- a/19927
+++ b/19927
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -1,3 +1,96 @@
 # Developing MinIO Console
 The MinIO Console requires the [MinIO Server](https://github.com/minio/minio). For development purposes, you also need to run both the MinIO Console web app and the MinIO Console server.
 ## Running MinIO Console server
 Build the server in the main folder by running:
 ```
 make
 ```
 > Note: If it's the first time running the server, you might need to run `go mod tidy` to ensure you have all modules required.
 To start the server run:
 ```
 CONSOLE_ACCESS_KEY=<your-access-key>
 CONSOLE_SECRET_KEY=<your-secret-key>
 CONSOLE_MINIO_SERVER=<minio-server-endpoint>
 CONSOLE_DEV_MODE=on
 ./console server
 ```
 ## Running MinIO Console web app
 Refer to `/portal-ui` [instructions](/portal-ui/README.md) to run the web app locally.
 # Building with MinIO
 To test console in its shipping format, you need to build it from the MinIO repository, the following step will guide
 you to do that.
 ### 0. Building with UI Changes
 If you are performing changes in the UI components of console and want to test inside the MinIO binary, you need to
 build assets first.
 In the console folder run
 ```shell
 make assets
 ```
 This will regenerate all the static assets that will be served by MinIO.
 ### 1. Clone the `MinIO` repository
 In the parent folder of where you cloned this `console` repository, clone the MinIO Repository
 ```shell
 git clone https://github.com/minio/minio.git
 ```
 ### 2. Update `go.mod` to use your local version
 In the MinIO repository open `go.mod` and after the first `require()` directive add a `replace()` directive
 ```
 ...
 )
 replace (
 github.com/minio/console => "../console"
 )
 require (
 ...
 ```
 ### 3. Build `MinIO`
 Still in the MinIO folder, run
 ```shell
 make build
 ```
 # Testing on Kubernetes
 If you want to test console on kubernetes, you can perform all the steps from `Building with MinIO`, but change `Step 3`
 to the following:
 ```shell
 TAG=miniodev/console:dev make docker
 ```
 This will build a docker container image that can be used to test with your local kubernetes environment.
 For example, if you are using kind:
 ```shell
 kind load docker-image miniodev/console:dev
 ```
 and then deploy any `Tenant` that uses this image
 # LDAP authentication with Console
 ## Setup
@@ -15,7 +108,8 @@ $ docker cp console/docs/ldap/billy.ldif my-openldap-container:/container/servic
 $ docker exec my-openldap-container ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/billy.ldif -H ldap://localhost
 ```
-Query the ldap server to check the user billy was created correctly and got assigned to the consoleAdmin group, you should get a list 
+Query the ldap server to check the user billy was created correctly and got assigned to the consoleAdmin group, you
 should get a list
 containing ldap users and groups.
 ```
@@ -41,6 +135,7 @@ Enter LDAP Password:
 ```
 ### Add the consoleAdmin policy to user billy on MinIO
 ```
 $ cat > consoleAdmin.json << EOF
 {
@@ -66,8 +161,8 @@ $ cat > consoleAdmin.json << EOF
  ]
 }
 EOF
-$ mc admin policy add myminio consoleAdmin consoleAdmin.json
+$ mc admin policy create myminio consoleAdmin consoleAdmin.json
-$ mc admin policy set myminio consoleAdmin user="uid=billy,dc=example,dc=org"
+$ mc admin policy attach myminio consoleAdmin --user="uid=billy,dc=example,dc=org"
 ```
 ## Run MinIO
--- a/9
+++ b/9
@@ -1,4 +1,5 @@
-FROM node:14 as uilayer
+ARG NODE_VERSION
 FROM node:$NODE_VERSION as uilayer
 WORKDIR /app
@@ -12,7 +13,7 @@ RUN make build-static
 USER node
-FROM golang:1.16 as golayer
+FROM golang:1.19 as golayer
 RUN apt-get update -y && apt-get install -y ca-certificates
@@ -29,9 +30,9 @@ WORKDIR /go/src/github.com/minio/console/
 ENV CGO_ENABLED=0
 COPY --from=uilayer /app/build /go/src/github.com/minio/console/portal-ui/build
-RUN go build -ldflags "-w -s" -a -o console ./cmd/console
+RUN go build --tags=kqueue,operator -ldflags "-w -s" -a -o console ./cmd/console
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7
 MAINTAINER MinIO Development "dev@min.io"
 EXPOSE 9090
--- a/Dockerfile.assets
+++ b/Dockerfile.assets
@@ -1,4 +1,5 @@
-FROM node:14 as uilayer
+ARG NODE_VERSION
 FROM node:$NODE_VERSION as uilayer
 WORKDIR /app
--- a/Dockerfile.release
+++ b/Dockerfile.release
@@ -1,9 +1,17 @@
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4
+FROM --platform=linux/amd64 registry.access.redhat.com/ubi8/ubi-minimal:8.7 as build
-ARG TAG
+RUN microdnf update --nodocs && microdnf install ca-certificates --nodocs
 RUN  curl -s -q https://raw.githubusercontent.com/minio/kes/master/LICENSE -o LICENSE
 RUN  curl -s -q https://raw.githubusercontent.com/minio/kes/master/CREDITS -o CREDITS
-COPY CREDITS /licenses/CREDITS
+FROM registry.access.redhat.com/ubi8/ubi-micro:8.7
-COPY LICENSE /licenses/LICENSE
+
 # On RHEL the certificate bundle is located at:
 # - /etc/pki/tls/certs/ca-bundle.crt (RHEL 6)
 # - /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (RHEL 7)
 COPY --from=build /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/
 COPY --from=build LICENSE /LICENSE
 COPY --from=build CREDITS /CREDITS
 LABEL name="MinIO" \
      vendor="MinIO Inc <dev@min.io>" \
@@ -13,10 +21,6 @@ LABEL name="MinIO" \
      summary="A graphical user interface for MinIO" \
      description="MinIO object storage is fundamentally different. Designed for performance and the S3 API, it is 100% open-source. MinIO is ideal for large, private cloud environments with stringent security requirements and delivers mission-critical availability across a diverse range of workloads."
 RUN \
     microdnf update --nodocs && \
     microdnf install ca-certificates --nodocs
 EXPOSE 9090
 COPY console /console
--- a/214
+++ b/214
@@ -4,6 +4,9 @@ GOPATH := $(shell go env GOPATH)
 BUILD_VERSION:=$(shell git describe --exact-match --tags $(git log -n1 --pretty='%h') 2>/dev/null || git rev-parse --abbrev-ref HEAD 2>/dev/null)
 BUILD_TIME:=$(shell date 2>/dev/null)
 TAG ?= "minio/console:$(BUILD_VERSION)-dev"
 MINIO_VERSION ?= "quay.io/minio/minio:latest"
 TARGET_BUCKET ?= "target"
 NODE_VERSION := $(shell cat .nvmrc)
 default: console
@@ -12,23 +15,15 @@ console:
 	@echo "Building Console binary to './console'"
 	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue --ldflags "-s -w" -o console ./cmd/console)
 k8sdev:
 	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
 	@kind load docker-image $(TAG)
 	@echo "Done, now restart your console deployment"
 getdeps:
 	@mkdir -p ${GOPATH}/bin
-	@which golangci-lint 1>/dev/null || (echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.40.1)
+	@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin
 verifiers: getdeps fmt lint
 fmt:
 	@echo "Running $@ check"
-	@GO111MODULE=on gofmt -d restapi/
+	@(env bash $(PWD)/verify-gofmt.sh)
 	@GO111MODULE=on gofmt -d pkg/
 	@GO111MODULE=on gofmt -d cmd/
 	@GO111MODULE=on gofmt -d cluster/
 crosscompile:
 	@(env bash $(PWD)/cross-compile.sh $(arg1))
@@ -43,36 +38,205 @@ install: console
 	@mkdir -p $(GOPATH)/bin && cp -f $(PWD)/console $(GOPATH)/bin/console
 	@echo "Installation successful. To learn more, try \"console --help\"."
-swagger-gen: clean-swagger swagger-console swagger-operator
+swagger-gen: clean-swagger swagger-console apply-gofmt
 	@echo "Done Generating swagger server code from yaml"
 apply-gofmt:
 	@echo "Applying gofmt to all generated an existing files"
 	@GO111MODULE=on gofmt -w .
 clean-swagger:
 	@echo "cleaning"
 	@rm -rf models
 	@rm -rf restapi/operations
 	@rm -rf operatorapi/operations
 swagger-console:
 	@echo "Generating swagger server code from yaml"
-	@swagger generate server -A console --main-package=management --server-package=restapi --exclude-main -P models.Principal -f ./swagger-console.yml -r NOTICE
+	@swagger generate server -A console --main-package=management --server-package=restapi --exclude-main -P models.Principal -f ./swagger.yml -r NOTICE
 	@echo "Generating typescript api"
 	@npx swagger-typescript-api -p ./swagger.yml -o ./portal-ui/src/api -n consoleApi.ts
 swagger-operator:
 	@echo "Generating swagger server code from yaml"
 	@swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE
 assets:
-	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn; cd ..)
+	@(if [ -f "${NVM_DIR}/nvm.sh" ]; then \. "${NVM_DIR}/nvm.sh" && nvm install && nvm use && npm install -g yarn ; fi &&\
 	  cd portal-ui; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)
 test-integration:
-	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4} && sleep 5)
+	@(docker stop pgsqlcontainer || true)
-	@(GO111MODULE=on go test -race -v github.com/minio/console/integration/...)
+	@(docker stop minio || true)
 	@(docker stop minio2 || true)
 	@(docker network rm mynet123 || true)
 	@echo "create docker network to communicate containers MinIO & PostgreSQL"
 	@(docker network create --subnet=173.18.0.0/29 mynet123)
 	@echo "docker run with MinIO Version below:"
 	@echo $(MINIO_VERSION)
 	@echo "MinIO 1"
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 --net=mynet123 -d --name minio --rm -p 9000:9000 -p 9091:9091 -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= $(MINIO_VERSION) server /data{1...4} --console-address ':9091' && sleep 5)
 	@echo "MinIO 2"
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 --net=mynet123 -d --name minio2 --rm -p 9001:9001 -p 9092:9092 -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= $(MINIO_VERSION) server /data{1...4} --address ':9001' --console-address ':9092' && sleep 5)
 	@echo "Postgres"
 	@(docker run --net=mynet123 --ip=173.18.0.4 --name pgsqlcontainer --rm -p 5432:5432 -e POSTGRES_PASSWORD=password -d postgres && sleep 5)
 	@echo "execute test and get coverage for test-integration:"
 	@(cd integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage &&  ./integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/system.out)
 	@(docker stop pgsqlcontainer)
 	@(docker stop minio)
 	@(docker stop minio2)
 	@(docker network rm mynet123)
 test-replication:
 	@(docker stop minio || true)
 	@(docker stop minio1 || true)
 	@(docker stop minio2 || true)
 	@(docker network rm mynet123 || true)
 	@(docker network create mynet123)
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 \
 	  --net=mynet123 -d \
 	  --name minio \
 	  --rm \
 	  -p 9000:9000 \
 	  -p 6000:6000 \
 	  -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= \
 	  -e MINIO_ROOT_USER="minioadmin" \
 	  -e MINIO_ROOT_PASSWORD="minioadmin" \
 	  $(MINIO_VERSION) server /data{1...4} \
 	  --address :9000 \
 	  --console-address :6000)
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 \
 	  --net=mynet123 -d \
 	  --name minio1 \
 	  --rm \
 	  -p 9001:9001 \
 	  -p 6001:6001 \
 	  -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= \
 	  -e MINIO_ROOT_USER="minioadmin" \
 	  -e MINIO_ROOT_PASSWORD="minioadmin" \
 	  $(MINIO_VERSION) server /data{1...4} \
 	  --address :9001 \
 	  --console-address :6001)
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 \
 	  --net=mynet123 -d \
 	  --name minio2 \
 	  --rm \
 	  -p 9002:9002 \
 	  -p 6002:6002 \
 	  -e MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= \
 	  -e MINIO_ROOT_USER="minioadmin" \
 	  -e MINIO_ROOT_PASSWORD="minioadmin" \
 	  $(MINIO_VERSION) server /data{1...4} \
 	  --address :9002 \
 	  --console-address :6002)
 	@(cd replication && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && ./replication.test -test.v -test.run "^Test*" -test.coverprofile=coverage/replication.out)
 	@(docker stop minio || true)
 	@(docker stop minio1 || true)
 	@(docker stop minio2 || true)
 	@(docker network rm mynet123 || true)
 test-sso-integration:
 	@echo "create the network in bridge mode to communicate all containers"
 	@(docker network create my-net)
 	@echo "run openldap container using MinIO Image: quay.io/minio/openldap:latest"
 	@(docker run \
 		-e LDAP_ORGANIZATION="MinIO Inc" \
 		-e LDAP_DOMAIN="min.io" \
 		-e LDAP_ADMIN_PASSWORD="admin" \
 		--network my-net \
 		-p 389:389 \
 		-p 636:636 \
 		--name openldap \
 		--detach quay.io/minio/openldap:latest)
 	@echo "Run Dex container using MinIO Image: quay.io/minio/dex:latest"
 	@(docker run \
 		-e DEX_ISSUER=http://dex:5556/dex \
 		-e DEX_CLIENT_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
 		-e DEX_LDAP_SERVER=openldap:389 \
 		--network my-net \
 		-p 5556:5556 \
 		--name dex \
 		--detach quay.io/minio/dex:latest)
 	@echo "running minio server"
 	@(docker run \
 	-v /data1 -v /data2 -v /data3 -v /data4 \
 	--network my-net \
 	-d \
 	--name minio \
 	--rm \
 	-p 9000:9000 \
 	-p 9001:9001 \
 	-e MINIO_IDENTITY_OPENID_CLIENT_ID="minio-client-app" \
 	-e MINIO_IDENTITY_OPENID_CLIENT_SECRET="minio-client-app-secret" \
 	-e MINIO_IDENTITY_OPENID_CLAIM_NAME=name \
 	-e MINIO_IDENTITY_OPENID_CONFIG_URL=http://dex:5556/dex/.well-known/openid-configuration \
 	-e MINIO_IDENTITY_OPENID_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
 	-e MINIO_ROOT_USER=minio \
 	-e MINIO_ROOT_PASSWORD=minio123 $(MINIO_VERSION) server /data{1...4} --address :9000 --console-address :9001)
 	@echo "run mc commands to set the policy"
 	@(docker run --name minio-client --network my-net -dit --entrypoint=/bin/sh minio/mc)
 	@(docker exec minio-client mc alias set myminio/ http://minio:9000 minio minio123)
 	@echo "adding policy to Dillon Harper to be able to login:"
 	@(cd sso-integration && docker cp allaccess.json minio-client:/ && docker exec minio-client mc admin policy create myminio "Dillon Harper" allaccess.json)
 	@echo "starting bash script"
 	@(env bash $(PWD)/sso-integration/set-sso.sh)
 	@echo "add python module"
 	@(pip3 install bs4)
 	@echo "Executing the test:"
 	@(cd sso-integration && go test -coverpkg=../restapi -c -tags testrunmain . && mkdir -p coverage && ./sso-integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/sso-system.out)
 test-permissions-1:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-1/")
 	@(docker stop minio)
 test-permissions-2:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-2/")
 	@(docker stop minio)
 test-permissions-3:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-3/")
 	@(docker stop minio)
 test-permissions-4:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-4/")
 	@(docker stop minio)
 test-permissions-5:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-5/")
 	@(docker stop minio)
 test-permissions-6:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-6/")
 	@(docker stop minio)
 test-permissions-7:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/portal-ui/tests/scripts/permissions.sh "portal-ui/tests/permissions-7/")
 	@(docker stop minio)
 test-apply-permissions:
 	@(env bash $(PWD)/portal-ui/tests/scripts/initialize-env.sh)
 test-start-docker-minio:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 initialize-permissions: test-start-docker-minio test-apply-permissions
 	@echo "Done initializing permissions test"
 cleanup-permissions:
 	@(env bash $(PWD)/portal-ui/tests/scripts/cleanup-env.sh)
 	@(docker stop minio)
 test:
-	@(GO111MODULE=on go test -race -v github.com/minio/console/restapi/...)
+	@echo "execute test and get coverage"
 	@(cd restapi && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage.out)
 test-pkg:
-	@(GO111MODULE=on go test -race -v github.com/minio/console/pkg/...)
+	@echo "execute test and get coverage"
 	@(cd pkg && mkdir coverage && GO111MODULE=on go test -test.v -coverprofile=coverage/coverage-pkg.out)
 coverage:
 	@(GO111MODULE=on go test -v -coverprofile=coverage.out github.com/minio/console/restapi/... && go tool cover -html=coverage.out && open coverage.html)
@@ -84,4 +248,10 @@ clean:
 	@rm -vf console
 docker:
-	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' --build-arg NODE_VERSION='$(NODE_VERSION)' .
 release: swagger-gen
 	@echo "Generating Release: $(RELEASE)"
 	@make assets
 	@git add -u .
 	@git add portal-ui/build/
--- a/2
+++ b/2
@@ -1,5 +1,5 @@
 This file is part of MinIO Console Server
-Copyright (c) 2021 MinIO, Inc.
+Copyright (c) 2023 MinIO, Inc.
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as published by
--- a/README.md
+++ b/README.md
@@ -4,9 +4,9 @@
 A graphical user interface for [MinIO](https://github.com/minio/minio)
-| Dashboard                     | Creating a bucket             |
+| Object Browser                     | Dashboard                     | Creating a bucket             |
-| -------------                 | -------------                 |
+|------------------------------------|-------------------------------|-------------------------------|
-| ![Dashboard](images/pic1.png) | ![Dashboard](images/pic2.png) |
+| ![Object Browser](images/pic3.png) | ![Dashboard](images/pic1.png) | ![Dashboard](images/pic2.png) |
 <!-- markdown-toc start - Don't edit this section. Run M-x markdown-toc-refresh-toc -->
 **Table of Contents**
@@ -40,7 +40,9 @@ A graphical user interface for [MinIO](https://github.com/minio/minio)
 |  Apple  |  amd64  |    [darwin-amd64](https://github.com/minio/console/releases/latest/download/console-darwin-amd64)    |
 | Windows |  amd64  | [windows-amd64](https://github.com/minio/console/releases/latest/download/console-windows-amd64.exe) |
-You can also verify the binary with [minisign](https://jedisct1.github.io/minisign/) by downloading the corresponding [`.minisig`](https://github.com/minio/console/releases/latest) signature file. Then run:
+You can also verify the binary with [minisign](https://jedisct1.github.io/minisign/) by downloading the
 corresponding [`.minisig`](https://github.com/minio/console/releases/latest) signature file. Then run:
 ```
 minisign -Vm console-<OS>-<ARCH> -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav
 ```
@@ -48,13 +50,15 @@ minisign -Vm console-<OS>-<ARCH> -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRyw
 ### Docker
 Pull the latest release via:
 ```
 docker pull minio/console
 ```
 ### Build from source
 > You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
-> Minimum version required is go1.17
+> Minimum version required is go1.19
 ```
 go install github.com/minio/console/cmd/console@latest
@@ -103,21 +107,24 @@ EOF
 ```
 ```sh
-mc admin policy add myminio/ consoleAdmin admin.json
+mc admin policy create myminio/ consoleAdmin admin.json
 ```
 ### 3. Set the policy for the new `console` user
 ```sh
-mc admin policy set myminio consoleAdmin user=console
+mc admin policy attach myminio consoleAdmin --user=console
 ```
-> NOTE: Additionally, you can create policies to limit the privileges for other `console` users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:
+> NOTE: Additionally, you can create policies to limit the privileges for other `console` users, for example, if you
 > want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like
 > this:
 ```json
 {
  "Version": "2012-10-17",
-	"Statement": [{
+  "Statement": [
    {
      "Action": [
        "admin:ServerInfo"
      ],
@@ -157,6 +164,7 @@ mc admin policy set myminio consoleAdmin user=console
 ## Start Console service:
 Before running console service, following environment settings must be supplied
 ```sh
 # Salt to encrypt JWT payload
 export CONSOLE_PBKDF_PASSPHRASE=SECRET
@@ -169,6 +177,7 @@ export CONSOLE_MINIO_SERVER=http://localhost:9000
 ```
 Now start the console service.
 ```
 ./console server
 2021-01-19 02:36:08.893735 I | 2021/01/19 02:36:08 server.go:129: Serving console at http://localhost:9090
@@ -189,6 +198,7 @@ Copy your `public.crt` and `private.key` to `~/.console/certs`, then:
 For advanced users, `console` has support for multiple certificates to service clients through multiple domains.
 Following tree structure is expected for supporting multiple domains:
 ```sh
 certs/
  │
@@ -219,4 +229,5 @@ export CONSOLE_MINIO_SERVER=https://localhost:9000
 You can verify that the apis work by doing the request on `localhost:9090/api/v1/...`
 # Contribute to console Project
 Please follow console [Contributor's Guide](https://github.com/minio/console/blob/master/CONTRIBUTING.md)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -18,7 +18,8 @@ you need access credentials for a successful exploit).
 If you have not received a reply to your email within 48 hours or you have not heard from the security team
 for the past five days please contact the security team directly:
-  - Primary security coordinator: lenin@min.io
+
 - Primary security coordinator: daniel@min.io
 - Secondary coordinator: security@min.io
 - If you receive no response: dev@min.io
--- a/cluster/cluster.go
+++ b/cluster/cluster.go
@@ -1,71 +0,0 @@
 // This file is part of MinIO Kubernetes Cloud
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package cluster
 import (
 	direct "github.com/minio/direct-csi/pkg/clientset"
 	operator "github.com/minio/operator/pkg/client/clientset/versioned"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 	certutil "k8s.io/client-go/util/cert"
 )
 // getTLSClientConfig will return the right TLS configuration for the K8S client based on the configured TLS certificate
 func getTLSClientConfig() rest.TLSClientConfig {
 	var defaultRootCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
 	var customRootCAFile = getK8sAPIServerTLSRootCA()
 	tlsClientConfig := rest.TLSClientConfig{}
 	// if console is running inside k8s by default he will have access to the CA Cert from the k8s local authority
 	if _, err := certutil.NewPool(defaultRootCAFile); err == nil {
 		tlsClientConfig.CAFile = defaultRootCAFile
 	}
 	// if the user explicitly define a custom CA certificate, instead, we will use that
 	if customRootCAFile != "" {
 		if _, err := certutil.NewPool(customRootCAFile); err == nil {
 			tlsClientConfig.CAFile = customRootCAFile
 		}
 	}
 	return tlsClientConfig
 }
 // This operation will run only once at console startup
 var tlsClientConfig = getTLSClientConfig()
 func GetK8sConfig(token string) *rest.Config {
 	config := &rest.Config{
 		Host:            GetK8sAPIServer(),
 		TLSClientConfig: tlsClientConfig,
 		APIPath:         "/",
 		BearerToken:     token,
 	}
 	return config
 }
 // OperatorClient returns an operator client using GetK8sConfig for its config
 func OperatorClient(token string) (*operator.Clientset, error) {
 	return operator.NewForConfig(GetK8sConfig(token))
 }
 // K8sClient returns kubernetes client using GetK8sConfig for its config
 func K8sClient(token string) (*kubernetes.Clientset, error) {
 	return kubernetes.NewForConfig(GetK8sConfig(token))
 }
 // DirectCSIClient returns Direct CSI client using GetK8sConfig for its config
 func DirectCSIClient(token string) (*direct.Clientset, error) {
 	return direct.NewForConfig(GetK8sConfig(token))
 }
--- a/cluster/config.go
+++ b/cluster/config.go
@@ -1,121 +0,0 @@
 // This file is part of MinIO Kubernetes Cloud
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package cluster
 import (
 	"errors"
 	"fmt"
 	"io/ioutil"
 	"net"
 	"net/http"
 	"regexp"
 	"strings"
 	"time"
 	"github.com/minio/pkg/env"
 )
 var (
 	errCantDetermineMinIOImage = errors.New("can't determine MinIO Image")
 )
 func GetK8sAPIServer() string {
 	// if console is running inside a k8s pod KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT will contain the k8s api server apiServerAddress
 	// if console is not running inside k8s by default will look for the k8s api server on localhost:8001 (kubectl proxy)
 	// NOTE: using kubectl proxy is for local development only, since every request send to localhost:8001 will bypass service account authentication
 	// more info here: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#directly-accessing-the-rest-api
 	// you can override this using CONSOLE_K8S_API_SERVER, ie use the k8s cluster from `kubectl config view`
 	host, port := env.Get("KUBERNETES_SERVICE_HOST", ""), env.Get("KUBERNETES_SERVICE_PORT", "")
 	apiServerAddress := "http://localhost:8001"
 	if host != "" && port != "" {
 		apiServerAddress = "https://" + net.JoinHostPort(host, port)
 	}
 	return env.Get(ConsoleK8sAPIServer, apiServerAddress)
 }
 // If CONSOLE_K8S_API_SERVER_TLS_ROOT_CA is true console will load the certificate into the
 // http.client rootCAs pool, this is useful for testing an k8s ApiServer or when working with self-signed certificates
 func getK8sAPIServerTLSRootCA() string {
 	return strings.TrimSpace(env.Get(ConsoleK8SAPIServerTLSRootCA, ""))
 }
 // GetNsFromFile assumes console is running inside a k8s pod and extract the current namespace from the
 // /var/run/secrets/kubernetes.io/serviceaccount/namespace file
 func GetNsFromFile() string {
 	dat, err := ioutil.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/namespace")
 	if err != nil {
 		return "default"
 	}
 	return string(dat)
 }
 // Namespace will run only once at console startup
 var Namespace = GetNsFromFile()
 // getLatestMinIOImage returns the latest docker image for MinIO if found on the internet
 func getLatestMinIOImage(client HTTPClientI) (*string, error) {
 	resp, err := client.Get("https://dl.min.io/server/minio/release/linux-amd64/")
 	if err != nil {
 		return nil, err
 	}
 	defer resp.Body.Close()
 	body, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return nil, err
 	}
 	var re = regexp.MustCompile(`(?m)\.\/minio\.(RELEASE.*?Z)"`)
 	// look for a single match
 	matches := re.FindAllStringSubmatch(string(body), 1)
 	for i := range matches {
 		release := matches[i][1]
 		dockerImage := fmt.Sprintf("minio/minio:%s", release)
 		return &dockerImage, nil
 	}
 	return nil, errCantDetermineMinIOImage
 }
 var latestMinIOImage, errLatestMinIOImage = getLatestMinIOImage(
 	&HTTPClient{
 		Client: &http.Client{
 			Timeout: 15 * time.Second,
 		},
 	})
 // GetMinioImage returns the image URL to be used when deploying a MinIO instance, if there is
 // a preferred image to be used (configured via ENVIRONMENT VARIABLES) GetMinioImage will return that
 // if not, GetMinioImage will try to obtain the image URL for the latest version of MinIO and return that
 func GetMinioImage() (*string, error) {
 	image := strings.TrimSpace(env.Get(ConsoleMinioImage, ""))
 	// if there is a preferred image configured by the user we'll always return that
 	if image != "" {
 		return &image, nil
 	}
 	if errLatestMinIOImage != nil {
 		return nil, errLatestMinIOImage
 	}
 	return latestMinIOImage, nil
 }
 // GetLatestMinioImage returns the latest image URL on minio repository
 func GetLatestMinioImage(client HTTPClientI) (*string, error) {
 	latestMinIOImage, err := getLatestMinIOImage(client)
 	if err != nil {
 		return nil, err
 	}
 	return latestMinIOImage, nil
 }
--- a/cluster/const.go
+++ b/cluster/const.go
@@ -1,24 +0,0 @@
 // This file is part of MinIO Kubernetes Cloud
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package cluster
 const (
 	ConsoleK8sAPIServer          = "CONSOLE_K8S_API_SERVER"
 	ConsoleK8SAPIServerTLSRootCA = "CONSOLE_K8S_API_SERVER_TLS_ROOT_CA"
 	ConsoleMinioImage            = "CONSOLE_MINIO_IMAGE"
 	ConsoleMCImage               = "CONSOLE_MC_IMAGE"
 )
--- a/cluster/http_client.go
+++ b/cluster/http_client.go
@@ -1,53 +0,0 @@
 // This file is part of MinIO Kubernetes Cloud
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package cluster
 import (
 	"io"
 	"net/http"
 )
 // HTTPClientI interface with all functions to be implemented
 // by mock when testing, it should include all HttpClient respective api calls
 // that are used within this project.
 type HTTPClientI interface {
 	Get(url string) (resp *http.Response, err error)
 	Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
 	Do(req *http.Request) (*http.Response, error)
 }
 // HTTPClient Interface implementation
 //
 // Define the structure of a http client and define the functions that are actually used
 type HTTPClient struct {
 	Client *http.Client
 }
 // Get implements http.Client.Get()
 func (c *HTTPClient) Get(url string) (resp *http.Response, err error) {
 	return c.Client.Get(url)
 }
 // Post implements http.Client.Post()
 func (c *HTTPClient) Post(url, contentType string, body io.Reader) (resp *http.Response, err error) {
 	return c.Client.Post(url, contentType, body)
 }
 // Do implements http.Client.Do()
 func (c *HTTPClient) Do(req *http.Request) (*http.Response, error) {
 	return c.Client.Do(req)
 }
--- a/cmd/console/app_commands.go
+++ b/cmd/console/app_commands.go
@@ -0,0 +1,90 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package main
 import (
 	"context"
 	"fmt"
 	"strconv"
 	"time"
 	"github.com/minio/console/pkg/logger"
 	"github.com/minio/cli"
 	"github.com/minio/console/restapi"
 )
 var appCmds = []cli.Command{
 	serverCmd,
 	updateCmd,
 }
 // StartServer starts the console service
 func StartServer(ctx *cli.Context) error {
 	if err := loadAllCerts(ctx); err != nil {
 		// Log this as a warning and continue running console without TLS certificates
 		restapi.LogError("Unable to load certs: %v", err)
 	}
 	xctx := context.Background()
 	transport := restapi.PrepareSTSClientTransport(false, restapi.LocalAddress)
 	if err := logger.InitializeLogger(xctx, transport.Transport); err != nil {
 		fmt.Println("error InitializeLogger", err)
 		logger.CriticalIf(xctx, err)
 	}
 	// custom error configuration
 	restapi.LogInfo = logger.Info
 	restapi.LogError = logger.Error
 	restapi.LogIf = logger.LogIf
 	var rctx restapi.Context
 	if err := rctx.Load(ctx); err != nil {
 		restapi.LogError("argument validation failed: %v", err)
 		return err
 	}
 	server, err := buildServer()
 	if err != nil {
 		restapi.LogError("Unable to initialize console server: %v", err)
 		return err
 	}
 	server.Host = rctx.Host
 	server.Port = rctx.HTTPPort
 	// set conservative timesout for uploads
 	server.ReadTimeout = 1 * time.Hour
 	// no timeouts for response for downloads
 	server.WriteTimeout = 0
 	restapi.Port = strconv.Itoa(server.Port)
 	restapi.Hostname = server.Host
 	if len(restapi.GlobalPublicCerts) > 0 {
 		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
 		// plain HTTP connections to HTTPS server
 		server.EnabledListeners = []string{"http", "https"}
 		server.TLSPort = rctx.HTTPSPort
 		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
 		restapi.TLSPort = strconv.Itoa(server.TLSPort)
 		restapi.Hostname = rctx.Host
 		restapi.TLSRedirect = rctx.TLSRedirect
 	}
 	defer server.Shutdown()
 	return server.Serve()
 }
--- a/cmd/console/main.go
+++ b/cmd/console/main.go
@@ -50,12 +50,6 @@ VERSION:
 {{.Version}}
 `
 var appCmds = []cli.Command{
 	serverCmd,
 	updateCmd,
 	operatorCmd,
 }
 func newApp(name string) *cli.App {
 	// Collection of console commands currently supported are.
 	var commands []cli.Command
--- a/cmd/console/operator.go
+++ b/cmd/console/operator.go
@@ -1,251 +0,0 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package main
 import (
 	"fmt"
 	"io/ioutil"
 	"path/filepath"
 	"strconv"
 	"syscall"
 	"time"
 	"github.com/minio/console/restapi"
 	"github.com/go-openapi/loads"
 	"github.com/jessevdk/go-flags"
 	"github.com/minio/cli"
 	"github.com/minio/console/operatorapi"
 	"github.com/minio/console/operatorapi/operations"
 	"github.com/minio/console/pkg/certs"
 )
 // starts the server
 var operatorCmd = cli.Command{
 	Name:    "operator",
 	Aliases: []string{"opr"},
 	Usage:   "Start MinIO Operator UI server",
 	Action:  startOperatorServer,
 	Flags: []cli.Flag{
 		cli.StringFlag{
 			Name:  "host",
 			Value: restapi.GetHostname(),
 			Usage: "bind to a specific HOST, HOST can be an IP or hostname",
 		},
 		cli.IntFlag{
 			Name:  "port",
 			Value: restapi.GetPort(),
 			Usage: "bind to specific HTTP port",
 		},
 		// This is kept here for backward compatibility,
 		// hostname's do not have HTTP or HTTPs
 		// hostnames are opaque so using --host
 		// works for both HTTP and HTTPS setup.
 		cli.StringFlag{
 			Name:   "tls-host",
 			Value:  restapi.GetHostname(),
 			Hidden: true,
 		},
 		cli.StringFlag{
 			Name:  "certs-dir",
 			Value: certs.GlobalCertsCADir.Get(),
 			Usage: "path to certs directory",
 		},
 		cli.IntFlag{
 			Name:  "tls-port",
 			Value: restapi.GetTLSPort(),
 			Usage: "bind to specific HTTPS port",
 		},
 		cli.StringFlag{
 			Name:  "tls-redirect",
 			Value: restapi.GetTLSRedirect(),
 			Usage: "toggle HTTP->HTTPS redirect",
 		},
 		cli.StringFlag{
 			Name:   "tls-certificate",
 			Value:  "",
 			Usage:  "path to TLS public certificate",
 			Hidden: true,
 		},
 		cli.StringFlag{
 			Name:   "tls-key",
 			Value:  "",
 			Usage:  "path to TLS private key",
 			Hidden: true,
 		},
 		cli.StringFlag{
 			Name:   "tls-ca",
 			Value:  "",
 			Usage:  "path to TLS Certificate Authority",
 			Hidden: true,
 		},
 	},
 }
 func buildOperatorServer() (*operatorapi.Server, error) {
 	swaggerSpec, err := loads.Embedded(operatorapi.SwaggerJSON, operatorapi.FlatSwaggerJSON)
 	if err != nil {
 		return nil, err
 	}
 	api := operations.NewOperatorAPI(swaggerSpec)
 	api.Logger = operatorapi.LogInfo
 	server := operatorapi.NewServer(api)
 	parser := flags.NewParser(server, flags.Default)
 	parser.ShortDescription = "MinIO Console Server"
 	parser.LongDescription = swaggerSpec.Spec().Info.Description
 	server.ConfigureFlags()
 	// register all APIs
 	server.ConfigureAPI()
 	for _, optsGroup := range api.CommandLineOptionsGroups {
 		_, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options)
 		if err != nil {
 			return nil, err
 		}
 	}
 	if _, err := parser.Parse(); err != nil {
 		return nil, err
 	}
 	return server, nil
 }
 func loadOperatorAllCerts(ctx *cli.Context) error {
 	var err error
 	// Set all certs and CAs directories path
 	certs.GlobalCertsDir, _, err = certs.NewConfigDirFromCtx(ctx, "certs-dir", certs.DefaultCertsDir.Get)
 	if err != nil {
 		return err
 	}
 	certs.GlobalCertsCADir = &certs.ConfigDir{Path: filepath.Join(certs.GlobalCertsDir.Get(), certs.CertsCADir)}
 	// check if certs and CAs directories exists or can be created
 	if err = certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil {
 		return fmt.Errorf("unable to create certs CA directory at %s: failed with %w", certs.GlobalCertsCADir.Get(), err)
 	}
 	// load the certificates and the CAs
 	operatorapi.GlobalRootCAs, operatorapi.GlobalPublicCerts, operatorapi.GlobalTLSCertsManager, err = certs.GetAllCertificatesAndCAs()
 	if err != nil {
 		return fmt.Errorf("unable to load certificates at %s: failed with %w", certs.GlobalCertsDir.Get(), err)
 	}
 	{
 		// TLS flags from swagger server, used to support VMware vsphere operator version.
 		swaggerServerCertificate := ctx.String("tls-certificate")
 		swaggerServerCertificateKey := ctx.String("tls-key")
 		swaggerServerCACertificate := ctx.String("tls-ca")
 		// load tls cert and key from swagger server tls-certificate and tls-key flags
 		if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" {
 			if err = operatorapi.GlobalTLSCertsManager.AddCertificate(swaggerServerCertificate, swaggerServerCertificateKey); err != nil {
 				return err
 			}
 			x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate)
 			if err == nil {
 				operatorapi.GlobalPublicCerts = append(operatorapi.GlobalPublicCerts, x509Certs...)
 			}
 		}
 		// load ca cert from swagger server tls-ca flag
 		if swaggerServerCACertificate != "" {
 			caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate)
 			if caCertErr == nil {
 				operatorapi.GlobalRootCAs.AppendCertsFromPEM(caCert)
 			}
 		}
 	}
 	if restapi.GlobalTLSCertsManager != nil {
 		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
 	}
 	return nil
 }
 // StartServer starts the console service
 func startOperatorServer(ctx *cli.Context) error {
 	if err := loadOperatorAllCerts(ctx); err != nil {
 		// Log this as a warning and continue running console without TLS certificates
 		operatorapi.LogError("Unable to load certs: %v", err)
 	}
 	var rctx operatorapi.Context
 	if err := rctx.Load(ctx); err != nil {
 		operatorapi.LogError("argument validation failed: %v", err)
 		return err
 	}
 	server, err := buildOperatorServer()
 	if err != nil {
 		operatorapi.LogError("Unable to initialize console server: %v", err)
 		return err
 	}
 	server.Host = rctx.Host
 	server.Port = rctx.HTTPPort
 	// set conservative timesout for uploads
 	server.ReadTimeout = 1 * time.Hour
 	// no timeouts for response for downloads
 	server.WriteTimeout = 0
 	operatorapi.Port = strconv.Itoa(server.Port)
 	operatorapi.Hostname = server.Host
 	if len(operatorapi.GlobalPublicCerts) > 0 {
 		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
 		// plain HTTP connections to HTTPS server
 		server.EnabledListeners = []string{"http", "https"}
 		server.TLSPort = rctx.HTTPSPort
 		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
 		operatorapi.TLSPort = strconv.Itoa(server.TLSPort)
 		operatorapi.Hostname = rctx.Host
 		operatorapi.TLSRedirect = rctx.TLSRedirect
 	}
 	defer server.Shutdown()
 	// subnet license refresh process
 	go func() {
 		// start refreshing subnet license after 5 seconds..
 		time.Sleep(time.Second * 5)
 		failedAttempts := 0
 		for {
 			if err := operatorapi.RefreshLicense(); err != nil {
 				operatorapi.LogError("Refreshing subnet license failed: %v", err)
 				failedAttempts++
 				// end license refresh after 3 consecutive failed attempts
 				if failedAttempts >= 3 {
 					return
 				}
 				// wait 5 minutes and retry again
 				time.Sleep(time.Minute * 5)
 				continue
 			}
 			// if license refreshed successfully reset the counter
 			failedAttempts = 0
 			// try to refresh license every 24 hrs
 			time.Sleep(time.Hour * 24)
 		}
 	}()
 	return server.Serve()
 }
--- a/cmd/console/server.go
+++ b/cmd/console/server.go
@@ -18,12 +18,9 @@ package main
 import (
 	"fmt"
 	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strconv"
 	"syscall"
 	"time"
 	"github.com/go-openapi/loads"
 	"github.com/jessevdk/go-flags"
@@ -166,7 +163,7 @@ func loadAllCerts(ctx *cli.Context) error {
 		// load ca cert from swagger server tls-ca flag
 		if swaggerServerCACertificate != "" {
-			caCert, caCertErr := ioutil.ReadFile(swaggerServerCACertificate)
+			caCert, caCertErr := os.ReadFile(swaggerServerCACertificate)
 			if caCertErr == nil {
 				restapi.GlobalRootCAs.AppendCertsFromPEM(caCert)
 			}
@@ -179,51 +176,3 @@ func loadAllCerts(ctx *cli.Context) error {
 	return nil
 }
 // StartServer starts the console service
 func StartServer(ctx *cli.Context) error {
 	if os.Getenv("CONSOLE_OPERATOR_MODE") != "" && os.Getenv("CONSOLE_OPERATOR_MODE") == "on" {
 		return startOperatorServer(ctx)
 	}
 	if err := loadAllCerts(ctx); err != nil {
 		// Log this as a warning and continue running console without TLS certificates
 		restapi.LogError("Unable to load certs: %v", err)
 	}
 	var rctx restapi.Context
 	if err := rctx.Load(ctx); err != nil {
 		restapi.LogError("argument validation failed: %v", err)
 		return err
 	}
 	server, err := buildServer()
 	if err != nil {
 		restapi.LogError("Unable to initialize console server: %v", err)
 		return err
 	}
 	server.Host = rctx.Host
 	server.Port = rctx.HTTPPort
 	// set conservative timesout for uploads
 	server.ReadTimeout = 1 * time.Hour
 	// no timeouts for response for downloads
 	server.WriteTimeout = 0
 	restapi.Port = strconv.Itoa(server.Port)
 	restapi.Hostname = server.Host
 	if len(restapi.GlobalPublicCerts) > 0 {
 		// If TLS certificates are provided enforce the HTTPS schema, meaning console will redirect
 		// plain HTTP connections to HTTPS server
 		server.EnabledListeners = []string{"http", "https"}
 		server.TLSPort = rctx.HTTPSPort
 		// Need to store tls-port, tls-host un config variables so secure.middleware can read from there
 		restapi.TLSPort = strconv.Itoa(server.TLSPort)
 		restapi.Hostname = rctx.Host
 		restapi.TLSRedirect = rctx.TLSRedirect
 	}
 	defer server.Shutdown()
 	return server.Serve()
 }
--- a/cmd/console/update.go
+++ b/cmd/console/update.go
@@ -96,7 +96,7 @@ var updateCmd = cli.Command{
 	Action: updateInplace,
 }
-func updateInplace(ctx *cli.Context) error {
+func updateInplace(_ *cli.Context) error {
 	transport := getUpdateTransport(30 * time.Second)
 	rel, err := getLatestRelease(transport)
 	if err != nil {
--- a/docs/console_operator_mode.md
+++ b/docs/console_operator_mode.md
@@ -1,39 +0,0 @@
 # Running Console in Operator mode
 `Console` will authenticate against `Kubernetes`using bearer tokens via HTTP `Authorization` header. The user will provide this token once
 in the login form, Console will validate it against Kubernetes (list apis) and if valid will generate and return a new Console sessions 
 with encrypted claims (the user Service account token will be inside the session encrypted token
 # Kubernetes
 The provided `JWT token` corresponds to the `Kubernetes service account` that `Console` will use to run tasks on behalf of the
 user, ie: list, create, edit, delete tenants, storage class, etc.
 # Development
 If console is running inside a k8s pod `KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT` will contain the k8s api server apiServerAddress
 if console is not running inside k8s by default will look for the k8s api server on `localhost:8001` (kubectl proxy)
 If you are running console in your local environment and wish to make request to `Kubernetes` you can set `CONSOLE_K8S_API_SERVER`, if
 the environment variable is not present by default `Console` will use `"http://localhost:8001"`, additionally you will need to set the
 `CONSOLE_OPERATOR_MODE=on` variable to make Console display the Operator UI.
 NOTE: using `kubectl` proxy is for local development only, since every request send to localhost:8001 will bypass service account authentication
 more info here: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#directly-accessing-the-rest-api
 you can override this using `CONSOLE_K8S_API_SERVER`, ie use the k8s cluster from `kubectl config view`
 ## Extract the Service account token and use it with Console
 For local development you can use the jwt associated to the `console-sa` service account, you can get the token running
 the following command in your terminal:
 ```
 kubectl get secret $(kubectl get serviceaccount console-sa -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode
 ```
 Then run the Console server
 ```
 CONSOLE_OPERATOR_MODE=on ./console server
 ```
--- a/go.mod
+++ b/go.mod
@@ -1,156 +1,154 @@
 module github.com/minio/console
-go 1.17
+go 1.20
 require (
 	github.com/blang/semver/v4 v4.0.0
-	github.com/cheggaaa/pb/v3 v3.0.6
+	github.com/cheggaaa/pb/v3 v3.1.2
-	github.com/dustin/go-humanize v1.0.0
+	github.com/dustin/go-humanize v1.0.1
-	github.com/go-openapi/errors v0.19.9
+	github.com/fatih/color v1.15.0
-	github.com/go-openapi/loads v0.20.2
+	github.com/go-openapi/errors v0.20.3
-	github.com/go-openapi/runtime v0.19.24
+	github.com/go-openapi/loads v0.21.2
-	github.com/go-openapi/spec v0.20.3
+	github.com/go-openapi/runtime v0.26.0
-	github.com/go-openapi/strfmt v0.20.0
+	github.com/go-openapi/spec v0.20.9
-	github.com/go-openapi/swag v0.19.14
+	github.com/go-openapi/strfmt v0.21.7
-	github.com/go-openapi/validate v0.20.2
+	github.com/go-openapi/swag v0.22.3
-	github.com/golang-jwt/jwt/v4 v4.1.0
+	github.com/go-openapi/validate v0.22.1
-	github.com/gorilla/websocket v1.4.2
+	github.com/golang-jwt/jwt/v4 v4.5.0
-	github.com/jessevdk/go-flags v1.4.0
+	github.com/google/uuid v1.3.0
-	github.com/klauspost/compress v1.13.6
+	github.com/jessevdk/go-flags v1.5.0
-	github.com/minio/cli v1.22.0
+	github.com/klauspost/compress v1.16.5
-	github.com/minio/direct-csi v1.3.5-0.20210601185811-f7776f7961bf
+	github.com/minio/cli v1.24.2
-	github.com/minio/kes v0.11.0
+	github.com/minio/highwayhash v1.0.2
-	github.com/minio/madmin-go v1.1.21
+	github.com/minio/kes v0.22.3
-	github.com/minio/mc v0.0.0-20211207230606-23a05f5a17f2
+	github.com/minio/madmin-go/v3 v3.0.2
-	github.com/minio/minio-go/v7 v7.0.19
+	github.com/minio/mc v0.0.0-20230619193119-5f39522e6902
-	github.com/minio/operator v0.0.0-20211011212245-31460bbbc4b7
+	github.com/minio/minio-go/v7 v7.0.58-0.20230622175401-7048a16cfbca
-	github.com/minio/operator/logsearchapi v0.0.0-20211011212245-31460bbbc4b7
+	github.com/minio/pkg v1.7.5
-	github.com/minio/pkg v1.1.10
+	github.com/minio/selfupdate v0.6.0
-	github.com/minio/selfupdate v0.3.1
+	github.com/minio/websocket v1.6.0
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/rs/xid v1.3.0
+	github.com/rs/xid v1.5.0
 	github.com/secure-io/sio-go v0.3.1
-	github.com/stretchr/testify v1.7.0
+	github.com/stretchr/testify v1.8.4
-	github.com/unrolled/secure v1.0.9
+	github.com/tidwall/gjson v1.14.4
-	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
+	github.com/unrolled/secure v1.13.0
-	golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f
+	golang.org/x/crypto v0.9.0
-	golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
+	golang.org/x/net v0.10.0
-	gopkg.in/yaml.v2 v2.4.0
+	golang.org/x/oauth2 v0.7.0
-	k8s.io/api v0.21.1
+	// Added to include security fix for
-	k8s.io/apimachinery v0.21.1
+	// https://github.com/golang/go/issues/56152
-	k8s.io/client-go v0.21.1
+	golang.org/x/text v0.9.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
 require github.com/mattn/go-ieproxy v0.0.1
 require (
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	aead.dev/mem v0.2.0 // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	aead.dev/minisign v0.2.0 // indirect
-	github.com/StackExchange/wmi v1.2.1 // indirect
+	github.com/VividCortex/ewma v1.2.0 // indirect
-	github.com/VividCortex/ewma v1.1.1 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/briandowns/spinner v1.16.0 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
-	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/charmbracelet/bubbles v0.15.0 // indirect
 	github.com/charmbracelet/bubbletea v0.23.2 // indirect
 	github.com/charmbracelet/lipgloss v0.7.1 // indirect
 	github.com/cheggaaa/pb v1.0.29 // indirect
-	github.com/coreos/go-semver v0.3.0 // indirect
+	github.com/containerd/console v1.0.3 // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
 	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
-	github.com/docker/go-units v0.4.0 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
 	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
 	github.com/evanphx/json-patch v4.9.0+incompatible // indirect
 	github.com/fatih/color v1.13.0 // indirect
 	github.com/fatih/structs v1.1.0 // indirect
-	github.com/georgysavva/scany v0.2.7 // indirect
+	github.com/gdamore/encoding v1.0.0 // indirect
-	github.com/go-logr/logr v0.4.0 // indirect
+	github.com/gdamore/tcell/v2 v2.6.0 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/go-openapi/analysis v0.20.0 // indirect
+	github.com/go-openapi/analysis v0.21.4 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
-	github.com/go-openapi/jsonreference v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
-	github.com/go-stack/stack v1.8.0 // indirect
+	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/goccy/go-json v0.7.9 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/go-cmp v0.5.5 // indirect
 	github.com/google/gofuzz v1.1.0 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/googleapis/gnostic v0.5.1 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/golang-lru v0.5.4 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/jedib0t/go-pretty/v6 v6.4.6 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
+	github.com/juju/ratelimit v1.0.2 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
 	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.1 // indirect
-	github.com/lestrrat-go/httpcc v1.0.0 // indirect
+	github.com/lestrrat-go/httpcc v1.0.1 // indirect
-	github.com/lestrrat-go/iter v1.0.1 // indirect
+	github.com/lestrrat-go/iter v1.0.2 // indirect
-	github.com/lestrrat-go/jwx v1.2.7 // indirect
+	github.com/lestrrat-go/jwx v1.2.26 // indirect
-	github.com/lestrrat-go/option v1.0.0 // indirect
+	github.com/lestrrat-go/option v1.0.1 // indirect
-	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
-	github.com/mattn/go-colorable v0.1.10 // indirect
+	github.com/lufia/plan9stats v0.0.0-20230326075908-cb1d2100619a // indirect
-	github.com/mattn/go-ieproxy v0.0.1 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/mattn/go-isatty v0.0.18 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
-	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
+	github.com/mattn/go-runewidth v0.0.14 // indirect
-	github.com/minio/argon2 v1.0.0 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
-	github.com/minio/colorjson v1.0.1 // indirect
+	github.com/minio/colorjson v1.0.5 // indirect
 	github.com/minio/filepath v1.0.0 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
-	github.com/minio/sha256-simd v1.0.0 // indirect
+	github.com/minio/sha256-simd v1.0.1 // indirect
-	github.com/mitchellh/mapstructure v1.4.1 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/philhofer/fwd v1.1.1 // indirect
+	github.com/montanaflynn/stats v0.7.0 // indirect
 	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
 	github.com/muesli/cancelreader v0.2.2 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
 	github.com/muesli/termenv v0.15.1 // indirect
 	github.com/navidys/tvxwidgets v0.3.0 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
 	github.com/philhofer/fwd v1.1.2 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pkg/profile v1.6.0 // indirect
+	github.com/pkg/xattr v0.4.9 // indirect
 	github.com/pkg/xattr v0.4.3 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/posener/complete v1.2.3 // indirect
-	github.com/prometheus/client_golang v1.11.0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/client_golang v1.14.0 // indirect
-	github.com/prometheus/common v0.31.1 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/prometheus/common v0.42.0 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/prometheus/procfs v0.9.0 // indirect
-	github.com/rjeczalik/notify v0.9.2 // indirect
+	github.com/prometheus/prom2json v1.3.2 // indirect
-	github.com/shirou/gopsutil/v3 v3.21.8 // indirect
+	github.com/rivo/tview v0.0.0-20230406072732-e22ce9588bb4 // indirect
-	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/rivo/uniseg v0.4.4 // indirect
-	github.com/stretchr/objx v0.2.0 // indirect
+	github.com/rjeczalik/notify v0.9.3 // indirect
-	github.com/tidwall/gjson v1.10.2 // indirect
+	github.com/rogpeppe/go-internal v1.10.0 // indirect
 	github.com/shirou/gopsutil/v3 v3.23.3 // indirect
 	github.com/shoenig/go-m1cpu v0.1.5 // indirect
 	github.com/sirupsen/logrus v1.9.2 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
-	github.com/tidwall/pretty v1.2.0 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
-	github.com/tinylib/msgp v1.1.6 // indirect
+	github.com/tinylib/msgp v1.1.8 // indirect
-	github.com/tklauser/go-sysconf v0.3.9 // indirect
+	github.com/tklauser/go-sysconf v0.3.11 // indirect
-	github.com/tklauser/numcpus v0.3.0 // indirect
+	github.com/tklauser/numcpus v0.6.0 // indirect
-	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
+	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.7 // indirect
-	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.7 // indirect
-	go.mongodb.org/mongo-driver v1.4.6 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.7 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
+	go.mongodb.org/mongo-driver v1.11.3 // indirect
-	go.uber.org/multierr v1.7.0 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
-	go.uber.org/zap v1.19.1 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/sys v0.0.0-20211015200801-69063c4bb744 // indirect
+	go.uber.org/zap v1.24.0 // indirect
-	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+	golang.org/x/sync v0.1.0 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
+	golang.org/x/term v0.8.0 // indirect
-	google.golang.org/appengine v1.6.6 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20210928142010-c7af6a1a74c9 // indirect
+	google.golang.org/genproto v0.0.0-20230403163135-c38d8f061ccd // indirect
-	google.golang.org/grpc v1.41.0 // indirect
+	google.golang.org/grpc v1.54.0 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
-	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
-	gopkg.in/ini.v1 v1.63.2 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 	k8s.io/klog/v2 v2.8.0 // indirect
 	k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 // indirect
 	k8s.io/utils v0.0.0-20201110183641-67b214c5f920 // indirect
 	maze.io/x/duration v0.0.0-20160924141736-faac084b6075 // indirect
 	sigs.k8s.io/controller-runtime v0.8.0 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.1.0 // indirect
 	sigs.k8s.io/yaml v1.2.0 // indirect
 )
 replace google.golang.org/grpc => google.golang.org/grpc v1.29.1
--- a/go.sum
+++ b/go.sum
--- a/k8s/boilerplate.go.txt
+++ b/k8s/boilerplate.go.txt
--- a/hack/update-codegen.sh
+++ b/hack/update-codegen.sh
@@ -1,18 +1,4 @@
 #!/bin/bash
 #
 # Copyright 2020 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 set -o errexit
 set -o nounset
@@ -20,10 +6,7 @@ set -o pipefail
 SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/..
-go get -d k8s.io/code-generator/...
+GO111MODULE=off go get -d k8s.io/code-generator/...
 # Checkout code-generator to compatible version
 #(cd $GOPATH/src/k8s.io/code-generator && git checkout origin/release-1.14 -B release-1.14)
 REPOSITORY=github.com/minio/console
 $GOPATH/src/k8s.io/code-generator/generate-groups.sh all \
--- a/images/pic1.png
+++ b/images/pic1.png
--- a/images/pic2.png
+++ b/images/pic2.png
--- a/images/pic3.png
+++ b/images/pic3.png
--- a/integration/access_rules_test.go
+++ b/integration/access_rules_test.go
@@ -0,0 +1,216 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"encoding/json"
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func Test_AddAccessRuleAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddBucket("testaccessruleadd", false, nil, nil, nil)
 	type args struct {
 		bucket string
 		prefix string
 		access string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Create Access Rule - Valid",
 			args: args{
 				bucket: "testaccessruleadd",
 				prefix: "/test/",
 				access: "readonly",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Add Access Rule - Invalid",
 			args: args{
 				bucket: "testaccessruleadd",
 				prefix: "/test/",
 				access: "readonl",
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 		{
 			name: "Add Access Rule - Invalid Bucket",
 			args: args{
 				bucket: "fakebucket",
 				prefix: "/test/",
 				access: "readonl",
 			},
 			expectedStatus: 404,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["prefix"] = tt.args.prefix
 			requestDataPolicy["access"] = tt.args.access
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/bucket/%s/access-rules", tt.args.bucket), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func Test_GetAccessRulesAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddBucket("testaccessruleget", false, nil, nil, nil)
 	type args struct {
 		bucket string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Get Access Rule - Valid",
 			args: args{
 				bucket: "testaccessruleget",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1/bucket/%s/access-rules", tt.args.bucket), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func Test_DeleteAccessRuleAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddBucket("testaccessruledelete", false, nil, nil, nil)
 	type args struct {
 		prefix string
 		access string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Delete Access Rule - Valid",
 			args: args{
 				prefix: "/test/",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["prefix"] = tt.args.prefix
 			requestDataPolicy["access"] = tt.args.access
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"DELETE", "http://localhost:9090/api/v1/bucket/testaccessruledelete/access-rules", requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
--- a/integration/admin_api_integration_test.go
+++ b/integration/admin_api_integration_test.go
@@ -0,0 +1,407 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 // These tests are for AdminAPI Tag based on swagger-console.yml
 package integration
 import (
 	"bytes"
 	"encoding/json"
 	"fmt"
 	"io"
 	"log"
 	"mime/multipart"
 	"net/http"
 	"os"
 	"path"
 	"testing"
 	"time"
 	"github.com/minio/console/models"
 	"github.com/stretchr/testify/assert"
 )
 func RestartService() (*http.Response, error) {
 	/*
 		Helper function to restart service
 		HTTP Verb: POST
 		URL: /api/v1/service/restart
 	*/
 	request, err := http.NewRequest(
 		"POST",
 		"http://localhost:9090/api/v1/service/restart",
 		nil,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2000 * time.Second, // increased timeout since restart takes time, more than other APIs.
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func GetNodes() (*http.Response, error) {
 	/*
 		Helper function to get nodes
 		HTTP Verb: GET
 		URL: /api/v1/nodes
 	*/
 	request, err := http.NewRequest(
 		"GET",
 		"http://localhost:9090/api/v1/nodes",
 		nil,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2000 * time.Second, // increased timeout since restart takes time, more than other APIs.
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func NotifyPostgres() (*http.Response, error) {
 	/*
 		Helper function to add Postgres Notification
 		HTTP Verb: PUT
 		URL: api/v1/configs/notify_postgres
 		Body:
 		{
 			"key_values":[
 				{
 					"key":"connection_string",
 					"value":"user=postgres password=password host=localhost dbname=postgres port=5432 sslmode=disable"
 				},
 				{
 					"key":"table",
 					"value":"accountsssss"
 				},
 				{
 					"key":"format",
 					"value":"namespace"
 				},
 				{
 					"key":"queue_limit",
 					"value":"10000"
 				},
 				{
 					"key":"comment",
 					"value":"comment"
 				}
 			]
 		}
 	*/
 	Body := models.SetConfigRequest{
 		KeyValues: []*models.ConfigurationKV{
 			{
 				Key:   "connection_string",
 				Value: "user=postgres password=password host=173.18.0.4 dbname=postgres port=5432 sslmode=disable",
 			},
 			{
 				Key:   "table",
 				Value: "accountsssss",
 			},
 			{
 				Key:   "format",
 				Value: "namespace",
 			},
 			{
 				Key:   "queue_limit",
 				Value: "10000",
 			},
 			{
 				Key:   "comment",
 				Value: "comment",
 			},
 		},
 	}
 	requestDataJSON, _ := json.Marshal(Body)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"PUT",
 		"http://localhost:9090/api/v1/configs/notify_postgres",
 		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestNotifyPostgres(t *testing.T) {
 	// Variables
 	asserter := assert.New(t)
 	// Test
 	response, err := NotifyPostgres()
 	finalResponse := inspectHTTPResponse(response)
 	asserter.Nil(err)
 	if err != nil {
 		log.Println(err)
 		asserter.Fail(finalResponse)
 		return
 	}
 	if response != nil {
 		asserter.Equal(200, response.StatusCode, finalResponse)
 	}
 }
 func TestRestartService(t *testing.T) {
 	asserter := assert.New(t)
 	restartResponse, restartError := RestartService()
 	asserter.Nil(restartError)
 	if restartError != nil {
 		log.Println(restartError)
 		return
 	}
 	addObjRsp := inspectHTTPResponse(restartResponse)
 	if restartResponse != nil {
 		asserter.Equal(
 			204,
 			restartResponse.StatusCode,
 			addObjRsp,
 		)
 	}
 }
 func ListPoliciesWithBucket(bucketName string) (*http.Response, error) {
 	/*
 		Helper function to List Policies With Given Bucket
 		HTTP Verb: GET
 		URL: /bucket-policy/{bucket}
 	*/
 	request, err := http.NewRequest(
 		"GET", "http://localhost:9090/api/v1/bucket-policy/"+bucketName, nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestListPoliciesWithBucket(t *testing.T) {
 	// Test Variables
 	bucketName := "testlistpolicieswithbucket"
 	asserter := assert.New(t)
 	// Test
 	response, err := ListPoliciesWithBucket(bucketName)
 	asserter.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	parsedResponse := inspectHTTPResponse(response)
 	if response != nil {
 		asserter.Equal(
 			200,
 			response.StatusCode,
 			parsedResponse,
 		)
 	}
 }
 func ListUsersWithAccessToBucket(bucketName string) (*http.Response, error) {
 	/*
 		Helper function to List Users With Access to a Given Bucket
 		HTTP Verb: GET
 		URL: /bucket-users/{bucket}
 	*/
 	request, err := http.NewRequest(
 		"GET", "http://localhost:9090/api/v1/bucket-users/"+bucketName, nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestListUsersWithAccessToBucket(t *testing.T) {
 	// Test Variables
 	bucketName := "testlistuserswithaccesstobucket1"
 	asserter := assert.New(t)
 	// Test
 	response, err := ListUsersWithAccessToBucket(bucketName)
 	asserter.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	parsedResponse := inspectHTTPResponse(response)
 	if response != nil {
 		asserter.Equal(
 			200,
 			response.StatusCode,
 			parsedResponse,
 		)
 	}
 }
 func TestGetNodes(t *testing.T) {
 	asserter := assert.New(t)
 	getNodesResponse, getNodesError := GetNodes()
 	asserter.Nil(getNodesError)
 	if getNodesError != nil {
 		log.Println(getNodesError)
 		return
 	}
 	addObjRsp := inspectHTTPResponse(getNodesResponse)
 	if getNodesResponse != nil {
 		asserter.Equal(
 			200,
 			getNodesResponse.StatusCode,
 			addObjRsp,
 		)
 	}
 }
 func ArnList() (*http.Response, error) {
 	/*
 		Helper function to get arn list
 		HTTP Verb: GET
 		URL: /api/v1/admin/arns
 	*/
 	request, err := http.NewRequest(
 		"GET", "http://localhost:9090/api/v1/admin/arns", nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestArnList(t *testing.T) {
 	asserter := assert.New(t)
 	resp, err := ArnList()
 	asserter.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	objRsp := inspectHTTPResponse(resp)
 	if resp != nil {
 		asserter.Equal(
 			200,
 			resp.StatusCode,
 			objRsp,
 		)
 	}
 }
 func ExportConfig() (*http.Response, error) {
 	request, err := http.NewRequest(
 		"GET", "http://localhost:9090/api/v1/configs/export", nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func ImportConfig() (*http.Response, error) {
 	body := &bytes.Buffer{}
 	writer := multipart.NewWriter(body)
 	formFile, _ := writer.CreateFormFile("file", "sample-import-config.txt")
 	fileDir, _ := os.Getwd()
 	fileName := "sample-import-config.txt"
 	filePath := path.Join(fileDir, fileName)
 	file, _ := os.Open(filePath)
 	io.Copy(formFile, file)
 	writer.Close()
 	request, err := http.NewRequest(
 		"POST", "http://localhost:9090/api/v1/configs/import",
 		bytes.NewReader(body.Bytes()),
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Set("Content-Type", writer.FormDataContentType())
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	rsp, _ := client.Do(request)
 	if rsp.StatusCode != http.StatusOK {
 		log.Printf("Request failed with response code: %d", rsp.StatusCode)
 	}
 	return rsp, err
 }
 func TestExportConfig(t *testing.T) {
 	asserter := assert.New(t)
 	resp, err := ExportConfig()
 	asserter.Nil(err)
 	objRsp := inspectHTTPResponse(resp)
 	if resp != nil {
 		asserter.Equal(
 			200,
 			resp.StatusCode,
 			objRsp,
 		)
 	}
 }
 func TestImportConfig(t *testing.T) {
 	asserter := assert.New(t)
 	resp, err := ImportConfig()
 	asserter.Nil(err)
 	objRsp := inspectHTTPResponse(resp)
 	if resp != nil {
 		asserter.Equal(
 			200,
 			resp.StatusCode,
 			objRsp,
 		)
 	}
 }
--- a/integration/buckets_test.go
+++ b/integration/buckets_test.go
@@ -18,9 +18,10 @@ package integration
 import (
 	"bytes"
 	b64 "encoding/base64"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"log"
 	"net/http"
 	"os"
@@ -31,16 +32,30 @@ import (
 	"github.com/go-openapi/loads"
 	"github.com/minio/console/restapi"
 	"github.com/minio/console/restapi/operations"
 	"github.com/minio/console/models"
 	"github.com/stretchr/testify/assert"
 )
 var token string
-func initConsoleServer() (*restapi.Server, error) {
+func encodeBase64(fileName string) string {
 	/*
 		Helper function to encode in base64 the file name so we can get the path
 	*/
 	path := b64.StdEncoding.EncodeToString([]byte(fileName))
 	return path
 }
 func inspectHTTPResponse(httpResponse *http.Response) string {
 	/*
 		Helper function to inspect the content of a HTTP response.
 	*/
 	b, err := io.ReadAll(httpResponse.Body)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	return "Http Response: " + string(b)
 }
 func initConsoleServer() (*restapi.Server, error) {
 	// os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
 	swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
@@ -76,7 +91,6 @@ func initConsoleServer() (*restapi.Server, error) {
 }
 func TestMain(m *testing.M) {
 	// start console server
 	go func() {
 		fmt.Println("start server")
@@ -87,7 +101,6 @@ func TestMain(m *testing.M) {
 			return
 		}
 		srv.Serve()
 	}()
 	fmt.Println("sleeping")
@@ -116,7 +129,6 @@ func TestMain(m *testing.M) {
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	if err != nil {
 		log.Println(err)
 		return
@@ -146,7 +158,7 @@ func TestMain(m *testing.M) {
 	requestDataBody = bytes.NewReader(requestDataJSON)
-	// get list of buckets
+	// delete bucket
 	request, err = http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test1", requestDataBody)
 	if err != nil {
 		log.Println(err)
@@ -168,321 +180,3 @@ func TestMain(m *testing.M) {
 	os.Exit(code)
 }
 func TestAddBucket(t *testing.T) {
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"name":       "test1",
 		"versioning": false,
 		"locking":    false,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	// get list of buckets
 	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 }
 func TestGetBucket(t *testing.T) {
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"name":       "test3",
 		"versioning": false,
 		"locking":    false,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	// put bucket
 	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	// get bucket
 	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test3", nil)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
 	}
 }
 func TestSetBucketTags(t *testing.T) {
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"name":       "test4",
 		"versioning": false,
 		"locking":    false,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	// put bucket
 	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
 	request.Close = true
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	requestDataTags := map[string]interface{}{
 		"tags": map[string]interface{}{
 			"test": "TAG",
 		},
 	}
 	requestTagsJSON, _ := json.Marshal(requestDataTags)
 	requestTagsBody := bytes.NewBuffer(requestTagsJSON)
 	request, err = http.NewRequest(http.MethodPut, "http://localhost:9090/api/v1/buckets/test4/tags", requestTagsBody)
 	request.Close = true
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	// get bucket
 	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test4", nil)
 	request.Close = true
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	bodyBytes, _ := ioutil.ReadAll(response.Body)
 	bucket := models.Bucket{}
 	err = json.Unmarshal(bodyBytes, &bucket)
 	if err != nil {
 		log.Println(err)
 	}
 	assert.Equal("TAG", bucket.Details.Tags["test"], "Failed to add tag")
 }
 func TestBucketVersioning(t *testing.T) {
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/session", nil)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	response, err := client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	var distributedSystem bool
 	if response != nil {
 		bodyBytes, _ := ioutil.ReadAll(response.Body)
 		sessionResponse := models.SessionResponse{}
 		err = json.Unmarshal(bodyBytes, &sessionResponse)
 		if err != nil {
 			log.Println(err)
 		}
 		distributedSystem = sessionResponse.DistributedMode
 	}
 	requestDataVersioning := map[string]interface{}{
 		"name":       "test2",
 		"versioning": true,
 		"locking":    false,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataVersioning)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	fmt.Println("Versioned bucket creation test status:", response.Status)
 	if distributedSystem {
 		assert.Equal(201, response.StatusCode, "Versioning test Status Code is incorrect - bucket failed to create")
 	} else {
 		assert.NotEqual(201, response.StatusCode, "Versioning test Status Code is incorrect -  versioned bucket created on non-distributed system")
 	}
 	request, err = http.NewRequest("DELETE", "http://localhost:9090/api/v1/buckets/test2", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("DELETE StatusCode:", response.StatusCode)
 	}
 }
 func TestBucketsGet(t *testing.T) {
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	// get list of buckets
 	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/buckets", nil)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	response, err := client.Do(request)
 	assert.Nil(err)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
 		bodyBytes, _ := ioutil.ReadAll(response.Body)
 		listBuckets := models.ListBucketsResponse{}
 		err = json.Unmarshal(bodyBytes, &listBuckets)
 		if err != nil {
 			log.Println(err)
 			assert.Nil(err)
 		}
 		assert.Greater(len(listBuckets.Buckets), 0, "No bucket was returned")
 		assert.Greater(listBuckets.Total, int64(0), "Total buckets is 0")
 	}
 }
--- a/integration/config_test.go
+++ b/integration/config_test.go
@@ -0,0 +1,250 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"encoding/json"
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func Test_ConfigAPI(t *testing.T) {
 	assert := assert.New(t)
 	tests := []struct {
 		name           string
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name:           "Config - Valid",
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/configs", nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_GetConfigAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		name string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Get Config - Valid",
 			args: args{
 				name: "storage_class",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Config - Invalid",
 			args: args{
 				name: "asdf",
 			},
 			expectedStatus: 404,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s", tt.args.name), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_SetConfigAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		name      string
 		keyValues []map[string]interface{}
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Set Config - Valid",
 			args: args{
 				name:      "region",
 				keyValues: []map[string]interface{}{{"key": "name", "value": "testServer"}, {"key": "region", "value": "us-west-1"}},
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Config - Invalid",
 			args: args{
 				name:      "regiontest",
 				keyValues: []map[string]interface{}{{"key": "name", "value": "testServer"}, {"key": "region", "value": "us-west-1"}},
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["key_values"] = tt.args.keyValues
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s", tt.args.name), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_ResetConfigAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		name string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Reset Config - Valid",
 			args: args{
 				name: "region",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Reset Config - Invalid",
 			args: args{
 				name: "regiontest",
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"POST", fmt.Sprintf("http://localhost:9090/api/v1/configs/%s/reset", tt.args.name), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
--- a/integration/groups_test.go
+++ b/integration/groups_test.go
@@ -0,0 +1,351 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func Test_AddGroupAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddUser("member1", "testtest", []string{}, []string{"consoleAdmin"})
 	type args struct {
 		group   string
 		members []string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Create Group - Valid",
 			args: args{
 				group:   "test",
 				members: []string{"member1"},
 			},
 			expectedStatus: 201,
 			expectedError:  nil,
 		},
 		{
 			name: "Create Group - Invalid",
 			args: args{
 				group:   "test",
 				members: []string{},
 			},
 			expectedStatus: 400,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["group"] = tt.args.group
 			requestDataPolicy["members"] = tt.args.members
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"POST", "http://localhost:9090/api/v1/groups", requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func Test_GetGroupAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddUser("member2", "testtest", []string{}, []string{"consoleAdmin"})
 	AddGroup("getgroup1", []string{"member2"})
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Get Group - Valid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("getgroup1")),
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Group - Invalid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("askfjalkd")),
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func Test_ListGroupsAPI(t *testing.T) {
 	assert := assert.New(t)
 	tests := []struct {
 		name           string
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name:           "Get Group - Valid",
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"GET", "http://localhost:9090/api/v1/groups", requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func Test_PutGroupsAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddUser("member3", "testtest", []string{}, []string{"consoleAdmin"})
 	AddGroup("putgroup1", []string{})
 	type args struct {
 		api     string
 		members []string
 		status  string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Put Group - Valid",
 			args: args{
 				api:     base64.StdEncoding.EncodeToString([]byte("putgroup1")),
 				members: []string{"member3"},
 				status:  "enabled",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Put Group - Invalid",
 			args: args{
 				api:     base64.StdEncoding.EncodeToString([]byte("gdgfdfgd")),
 				members: []string{"member3"},
 				status:  "enabled",
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["members"] = tt.args.members
 			requestDataPolicy["status"] = tt.args.status
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"PUT", fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func Test_DeleteGroupAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddGroup("grouptests1", []string{})
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 		verb           string
 	}{
 		{
 			name: "Delete Group - Valid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("grouptests1")),
 			},
 			verb:           "DELETE",
 			expectedStatus: 204,
 			expectedError:  nil,
 		},
 		{
 			name: "Delete Group - Invalid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("grouptests12345")),
 			},
 			verb:           "DELETE",
 			expectedStatus: 404,
 			expectedError:  nil,
 		},
 		{
 			name: "Access Group After Delete - Invalid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("grouptests1")),
 			},
 			verb:           "GET",
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				tt.verb, fmt.Sprintf("http://localhost:9090/api/v1/group/%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
--- a/integration/inspect_test.go
+++ b/integration/inspect_test.go
@@ -0,0 +1,106 @@
 package integration
 import (
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func Inspect(volume string, file string, enc bool) (*http.Response, error) {
 	requestURL := fmt.Sprintf("http://localhost:9090/api/v1/admin/inspect?volume=%s&file=%s&encrypt=%t", volume, file, enc)
 	request, err := http.NewRequest(
 		"GET", requestURL, nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestInspect(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		volume  string
 		file    string
 		encrypt bool
 	}
 	// Inspect returns successful response always
 	tests := []struct {
 		name          string
 		args          args
 		expStatusCode int
 		expectedError bool
 	}{
 		{
 			name: "Test Invalid Path",
 			args: args{
 				volume:  "/test-with-slash",
 				file:    "/test-with-slash",
 				encrypt: false,
 			},
 			expStatusCode: 200,
 			expectedError: false,
 		},
 		{
 			name: "Test Invalid characters in Path",
 			args: args{
 				volume:  "//test",
 				file:    "//bucket",
 				encrypt: false,
 			},
 			expStatusCode: 200,
 			expectedError: true,
 		},
 		{
 			name: "Test valid bucket",
 			args: args{
 				volume:  "test-bucket",
 				file:    "test.txt",
 				encrypt: true,
 			},
 			expStatusCode: 200,
 			expectedError: false,
 		},
 		{
 			name: "Test Empty Path", // Un processable entity error
 			args: args{
 				volume:  "",
 				file:    "",
 				encrypt: false,
 			},
 			expStatusCode: 422,
 			expectedError: false,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			resp, err := Inspect(tt.args.volume, tt.args.file, tt.args.encrypt)
 			if tt.expectedError {
 				assert.Nil(err)
 				if err != nil {
 					log.Println(err)
 					return
 				}
 			}
 			if resp != nil {
 				assert.Equal(
 					tt.expStatusCode,
 					resp.StatusCode,
 				)
 			}
 		})
 	}
 }
--- a/integration/login_test.go
+++ b/integration/login_test.go
@@ -17,8 +17,10 @@
 package integration
 import (
 	"bytes"
 	"encoding/json"
-	"io/ioutil"
+	"fmt"
 	"io"
 	"log"
 	"net/http"
 	"testing"
@@ -54,7 +56,7 @@ func TestLoginStrategy(t *testing.T) {
 	}
 	if response != nil {
-		bodyBytes, _ := ioutil.ReadAll(response.Body)
+		bodyBytes, _ := io.ReadAll(response.Body)
 		loginDetails := models.LoginDetails{}
@@ -67,5 +69,94 @@ func TestLoginStrategy(t *testing.T) {
 		assert.Equal(models.LoginDetailsLoginStrategyForm, loginDetails.LoginStrategy, "Login Details don't match")
 	}
-
+}
 func TestLogout(t *testing.T) {
 	assert := assert.New(t)
 	// image for now:
 	// minio: 9000
 	// console: 9090
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	requestData := map[string]string{
 		"accessKey": "minioadmin",
 		"secretKey": "minioadmin",
 	}
 	requestDataJSON, _ := json.Marshal(requestData)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	assert.NotNil(response, "Login response is nil")
 	assert.Nil(err, "Login errored out")
 	var loginToken string
 	for _, cookie := range response.Cookies() {
 		if cookie.Name == "token" {
 			loginToken = cookie.Value
 			break
 		}
 	}
 	if loginToken == "" {
 		log.Println("authentication token not found in cookies response")
 		return
 	}
 	logoutRequest := bytes.NewReader([]byte("{}"))
 	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", logoutRequest)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", loginToken))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	assert.NotNil(response, "Logout response is nil")
 	assert.Nil(err, "Logout errored out")
 	assert.Equal(response.StatusCode, 200)
 }
 func TestBadLogin(t *testing.T) {
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	requestData := map[string]string{
 		"accessKey": "minioadmin",
 		"secretKey": "minioadminbad",
 	}
 	requestDataJSON, _ := json.Marshal(requestData)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/login", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	assert.Equal(401, response.StatusCode, "Login request not rejected")
 	assert.NotNil(response, "Login response is  nil")
 	assert.Nil(err, "Login errored out")
 }
--- a/integration/objects_test.go
+++ b/integration/objects_test.go
@@ -0,0 +1,281 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"context"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"log"
 	"math/rand"
 	"net/http"
 	"strings"
 	"testing"
 	"time"
 	"github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/credentials"
 	"github.com/stretchr/testify/assert"
 )
 func TestObjectGet(t *testing.T) {
 	// for setup we'll create a bucket and upload a file
 	endpoint := "localhost:9000"
 	accessKeyID := "minioadmin"
 	secretAccessKey := "minioadmin"
 	// Initialize minio client object.
 	minioClient, err := minio.New(endpoint, &minio.Options{
 		Creds:  credentials.NewStaticV4(accessKeyID, secretAccessKey, ""),
 		Secure: false,
 	})
 	if err != nil {
 		log.Fatalln(err)
 	}
 	bucketName := fmt.Sprintf("testbucket-%d", rand.Intn(1000-1)+1)
 	err = minioClient.MakeBucket(context.Background(), bucketName, minio.MakeBucketOptions{Region: "us-east-1", ObjectLocking: true})
 	if err != nil {
 		fmt.Println(err)
 	}
 	// upload a simple file
 	fakeFile := "12345678"
 	fileReader := strings.NewReader(fakeFile)
 	_, err = minioClient.PutObject(
 		context.Background(),
 		bucketName,
 		"myobject", fileReader, int64(len(fakeFile)), minio.PutObjectOptions{ContentType: "application/octet-stream"})
 	if err != nil {
 		fmt.Println(err)
 		return
 	}
 	_, err = minioClient.PutObject(
 		context.Background(),
 		bucketName,
 		"myobject.jpg", fileReader, int64(len(fakeFile)), minio.PutObjectOptions{ContentType: "application/octet-stream"})
 	if err != nil {
 		fmt.Println(err)
 		return
 	}
 	assert := assert.New(t)
 	type args struct {
 		encodedPrefix string
 		versionID     string
 		bytesRange    string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Preview Object",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject")),
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Preview image",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Range of bytes",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
 				bytesRange:    "bytes=1-4",
 			},
 			expectedStatus: 206,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Range of bytes empty start",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
 				bytesRange:    "bytes=-4",
 			},
 			expectedStatus: 206,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Invalid Range of bytes",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
 				bytesRange:    "bytes=9-12",
 			},
 			expectedStatus: 400,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Larger Range of bytes empty start",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
 				bytesRange:    "bytes=-12",
 			},
 			expectedStatus: 206,
 			expectedError:  nil,
 		},
 		{
 			name: "Get invalid seek start Range of bytes",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject.jpg")),
 				bytesRange:    "bytes=12-16",
 			},
 			expectedStatus: 400,
 			expectedError:  nil,
 		},
 		{
 			name: "Bad Preview Object",
 			args: args{
 				encodedPrefix: "garble",
 			},
 			expectedStatus: 400,
 			expectedError:  nil,
 		},
 		{
 			name: "Bad Version Preview Object",
 			args: args{
 				encodedPrefix: base64.StdEncoding.EncodeToString([]byte("myobject")),
 				versionID:     "garble",
 			},
 			expectedStatus: 400,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			destination := fmt.Sprintf("/api/v1/buckets/%s/objects/download?preview=true&prefix=%s&version_id=%s", bucketName, tt.args.encodedPrefix, tt.args.versionID)
 			finalURL := fmt.Sprintf("http://localhost:9090%s", destination)
 			request, err := http.NewRequest("GET", finalURL, nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			if tt.args.bytesRange != "" {
 				request.Header.Add("Range", tt.args.bytesRange)
 			}
 			response, err := client.Do(request)
 			assert.NotNil(response, fmt.Sprintf("%s response object is nil", tt.name))
 			assert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, fmt.Sprintf("%s returned the wrong status code", tt.name))
 			}
 		})
 	}
 }
 func downloadMultipleFiles(bucketName string, objects []string) (*http.Response, error) {
 	requestURL := fmt.Sprintf("http://localhost:9090/api/v1/buckets/%s/objects/download-multiple", bucketName)
 	postReqParams, _ := json.Marshal(objects)
 	reqBody := bytes.NewReader(postReqParams)
 	request, err := http.NewRequest(
 		"POST", requestURL, reqBody)
 	if err != nil {
 		log.Println(err)
 		return nil, nil
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestDownloadMultipleFiles(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		bucketName string
 		objectLis  []string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  bool
 	}{
 		{
 			name: "Test empty Bucket",
 			args: args{
 				bucketName: "",
 			},
 			expectedStatus: 400,
 			expectedError:  true,
 		},
 		{
 			name: "Test empty object list",
 			args: args{
 				bucketName: "test-bucket",
 			},
 			expectedStatus: 400,
 			expectedError:  true,
 		},
 		{
 			name: "Test with bucket and object list",
 			args: args{
 				bucketName: "test-bucket",
 				objectLis: []string{
 					"my-object.txt",
 					"test-prefix/",
 					"test-prefix/nested-prefix/",
 					"test-prefix/nested-prefix/deep-nested/",
 				},
 			},
 			expectedStatus: 200,
 			expectedError:  false,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			resp, err := downloadMultipleFiles(tt.args.bucketName, tt.args.objectLis)
 			if tt.expectedError {
 				assert.Nil(err)
 				if err != nil {
 					log.Println(err)
 					return
 				}
 			}
 			if resp != nil {
 				assert.NotNil(resp)
 			}
 		})
 	}
 }
--- a/integration/policy_test.go
+++ b/integration/policy_test.go
@@ -0,0 +1,862 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/go-openapi/swag"
 	"github.com/stretchr/testify/assert"
 )
 func AddPolicy(name, definition string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"name":   name,
 		"policy": definition,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"POST", "http://localhost:9090/api/v1/policies", requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func SetPolicy(policies []string, entityName, entityType string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"name":       policies,
 		"entityType": entityType,
 		"entityName": entityName,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"PUT", "http://localhost:9090/api/v1/set-policy", requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func Test_AddPolicyAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		api    string
 		name   string
 		policy *string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Create Policy - Valid",
 			args: args{
 				api:  "/policies",
 				name: "test",
 				policy: swag.String(`
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
 }`),
 			},
 			expectedStatus: 201,
 			expectedError:  nil,
 		},
 		{
 			name: "Create Policy - Invalid",
 			args: args{
 				api:  "/policies",
 				name: "test2",
 				policy: swag.String(`
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation"
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
 }`),
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 		{
 			name: "Create Policy - Space in Name",
 			args: args{
 				api:  "/policies",
 				name: "space test",
 				policy: swag.String(`
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
 }`),
 			},
 			expectedStatus: 400,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["name"] = tt.args.name
 			if tt.args.policy != nil {
 				requestDataPolicy["policy"] = *tt.args.policy
 			}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"POST", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_SetPolicyAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddUser("policyuser1", "testtest", []string{}, []string{"readwrite"})
 	AddGroup("testgroup123", []string{})
 	AddPolicy("setpolicytest", `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
  }`)
 	type args struct {
 		api        string
 		entityType string
 		entityName string
 		policyName []string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Set Policy - Valid",
 			args: args{
 				api:        "/set-policy",
 				policyName: []string{"setpolicytest"},
 				entityType: "user",
 				entityName: "policyuser1",
 			},
 			expectedStatus: 204,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Policy - Invalid",
 			args: args{
 				api:        "/set-policy",
 				policyName: []string{"test3"},
 				entityType: "user",
 				entityName: "policyuser1",
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Policy Group - Valid",
 			args: args{
 				api:        "/set-policy",
 				policyName: []string{"setpolicytest"},
 				entityType: "group",
 				entityName: "testgroup123",
 			},
 			expectedStatus: 204,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Policy Group - Invalid",
 			args: args{
 				api:        "/set-policy",
 				policyName: []string{"test3"},
 				entityType: "group",
 				entityName: "testgroup123",
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["entityName"] = tt.args.entityName
 			requestDataPolicy["entityType"] = tt.args.entityType
 			if tt.args.policyName != nil {
 				requestDataPolicy["name"] = tt.args.policyName
 			}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"PUT", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_SetPolicyMultipleAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddUser("policyuser2", "testtest", []string{}, []string{"readwrite"})
 	AddUser("policyuser3", "testtest", []string{}, []string{"readwrite"})
 	AddGroup("testgroup1234", []string{})
 	AddPolicy("setpolicytest2", `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
  }`)
 	type args struct {
 		api    string
 		users  []string
 		groups []string
 		name   []string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Set Policy - Valid",
 			args: args{
 				api:   "/set-policy-multi",
 				name:  []string{"setpolicytest2"},
 				users: []string{"policyuser2", "policyuser3"},
 			},
 			expectedStatus: 204,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Policy - Invalid",
 			args: args{
 				api:   "/set-policy-multi",
 				name:  []string{"test3"},
 				users: []string{"policyuser2", "policyuser3"},
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Policy Group - Valid",
 			args: args{
 				api:    "/set-policy-multi",
 				name:   []string{"setpolicytest2"},
 				groups: []string{"testgroup1234"},
 			},
 			expectedStatus: 204,
 			expectedError:  nil,
 		},
 		{
 			name: "Set Policy Group - Valid",
 			args: args{
 				api:    "/set-policy-multi",
 				name:   []string{"setpolicytest23"},
 				groups: []string{"testgroup1234"},
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			requestDataPolicy := map[string]interface{}{}
 			requestDataPolicy["name"] = tt.args.name
 			requestDataPolicy["users"] = tt.args.users
 			requestDataPolicy["groups"] = tt.args.groups
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"PUT", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_ListPoliciesAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "List Policies",
 			args: args{
 				api: "/policies",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_GetPolicyAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddPolicy("getpolicytest", `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
  }`)
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Get Policies - Invalid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("test3")),
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Policies - Valid",
 			args: args{
 				api: base64.StdEncoding.EncodeToString([]byte("getpolicytest")),
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1/policy/%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_PolicyListUsersAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddUser("policyuser4", "testtest", []string{}, []string{"readwrite"})
 	AddPolicy("policylistusers", `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
  }`)
 	SetPolicy([]string{"policylistusers"}, "policyuser4", "user")
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "List Users for Policy - Valid",
 			args: args{
 				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("policylistusers")) + "/users",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "List Users for Policy - Invalid",
 			args: args{
 				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("test2")) + "/users",
 			},
 			expectedStatus: 404,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				bodyBytes, _ := io.ReadAll(response.Body)
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 				if response.StatusCode == 200 {
 					assert.Equal("[\"policyuser4\"]\n", string(bodyBytes))
 				}
 			}
 		})
 	}
 }
 func Test_PolicyListGroupsAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddGroup("testgroup12345", []string{})
 	AddPolicy("policylistgroups", `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
  }`)
 	SetPolicy([]string{"policylistgroups"}, "testgroup12345", "group")
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "List Users for Policy - Valid",
 			args: args{
 				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("policylistgroups")) + "/groups",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 		{
 			name: "List Users for Policy - Invalid",
 			args: args{
 				api: "/policies/" + base64.StdEncoding.EncodeToString([]byte("test3")) + "/groups",
 			},
 			expectedStatus: 404,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				bodyBytes, _ := io.ReadAll(response.Body)
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 				if response.StatusCode == 200 {
 					assert.Equal("[\"testgroup12345\"]\n", string(bodyBytes))
 				}
 			}
 		})
 	}
 }
 func Test_DeletePolicyAPI(t *testing.T) {
 	assert := assert.New(t)
 	AddPolicy("testdelete", `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
  }`)
 	type args struct {
 		api    string
 		method string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Delete Policies - Valid",
 			args: args{
 				api:    base64.StdEncoding.EncodeToString([]byte("testdelete")),
 				method: "DELETE",
 			},
 			expectedStatus: 204,
 			expectedError:  nil,
 		},
 		{
 			name: "Get Policy After Delete - Invalid",
 			args: args{
 				api:    base64.StdEncoding.EncodeToString([]byte("testdelete")),
 				method: "GET",
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				tt.args.method, fmt.Sprintf("http://localhost:9090/api/v1/policy/%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
 func Test_GetAUserPolicyAPI(t *testing.T) {
 	assert := assert.New(t)
 	// Create a User with a Policy to use for testing
 	groups := []string{}
 	policies := []string{"readwrite"}
 	_, err := AddUser("getuserpolicyuser", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	// encode usernames to pass to api
 	bName := []byte("getuserpolicyuser")
 	fName := []byte("failname")
 	encodedName := base64.URLEncoding.EncodeToString(bName)
 	encodedFailName := base64.URLEncoding.EncodeToString(fName)
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Get User Policy - Invalid",
 			args: args{
 				api: "/user/" + encodedFailName + "/policies",
 			},
 			expectedStatus: 401,
 			expectedError:  nil,
 		},
 		{
 			name: "Get User Policy - Valid",
 			args: args{
 				api: "/user/" + encodedName + "/policies",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
--- a/integration/profiling_test.go
+++ b/integration/profiling_test.go
@@ -0,0 +1,93 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"archive/zip"
 	"bytes"
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"github.com/minio/websocket"
 	"github.com/stretchr/testify/assert"
 )
 func TestStartProfiling(t *testing.T) {
 	testAssert := assert.New(t)
 	tests := []struct {
 		name string
 	}{
 		{
 			name: "start/stop profiling",
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			files := map[string]bool{
 				"profile-127.0.0.1:9000-goroutines.txt":                false,
 				"profile-127.0.0.1:9000-goroutines-before.txt":         false,
 				"profile-127.0.0.1:9000-goroutines-before,debug=2.txt": false,
 				"profile-127.0.0.1:9000-threads-before.pprof":          false,
 				"profile-127.0.0.1:9000-mem.pprof":                     false,
 				"profile-127.0.0.1:9000-threads.pprof":                 false,
 				"profile-127.0.0.1:9000-cpu.pprof":                     false,
 				"profile-127.0.0.1:9000-mem-before.pprof":              false,
 				"profile-127.0.0.1:9000-block.pprof":                   false,
 				"profile-127.0.0.1:9000-trace.trace":                   false,
 				"profile-127.0.0.1:9000-mutex.pprof":                   false,
 				"profile-127.0.0.1:9000-mutex-before.pprof":            false,
 			}
 			wsDestination := "/ws/profile?types=cpu,mem,block,mutex,trace,threads,goroutines"
 			wsFinalURL := fmt.Sprintf("ws://localhost:9090%s", wsDestination)
 			ws, _, err := websocket.DefaultDialer.Dial(wsFinalURL, nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			defer ws.Close()
 			_, zipFileBytes, err := ws.ReadMessage()
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			filetype := http.DetectContentType(zipFileBytes)
 			testAssert.Equal("application/zip", filetype)
 			zipReader, err := zip.NewReader(bytes.NewReader(zipFileBytes), int64(len(zipFileBytes)))
 			if err != nil {
 				testAssert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
 			}
 			// Read all the files from zip archive
 			for _, zipFile := range zipReader.File {
 				files[zipFile.Name] = true
 			}
 			for k, v := range files {
 				testAssert.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
 			}
 		})
 	}
 }
--- a/integration/sample-import-config.txt
+++ b/integration/sample-import-config.txt
@@ -0,0 +1,28 @@
 subnet license= api_key= proxy=
 # callhome enable=off frequency=24h
 # site name= region=
 # api requests_max=0 requests_deadline=10s cluster_deadline=10s cors_allow_origin=* remote_transport_deadline=2h list_quorum=strict replication_priority=auto transition_workers=100 stale_uploads_cleanup_interval=6h stale_uploads_expiry=24h delete_cleanup_interval=5m disable_odirect=off gzip_objects=off
 # scanner speed=default
 # compression enable=off allow_encryption=off extensions=.txt,.log,.csv,.json,.tar,.xml,.bin mime_types=text/*,application/json,application/xml,binary/octet-stream
 # identity_openid enable= display_name= config_url= client_id= client_secret= claim_name=policy claim_userinfo= role_policy= claim_prefix= redirect_uri= redirect_uri_dynamic=off scopes= vendor= keycloak_realm= keycloak_admin_url=
 # identity_ldap server_addr= srv_record_name= user_dn_search_base_dn= user_dn_search_filter= group_search_filter= group_search_base_dn= tls_skip_verify=off server_insecure=off server_starttls=off lookup_bind_dn= lookup_bind_password=
 # identity_tls skip_verify=off
 # identity_plugin url= auth_token= role_policy= role_id=
 # policy_plugin url= auth_token= enable_http2=off
 # logger_webhook enable=off endpoint= auth_token= client_cert= client_key= queue_size=100000
 # audit_webhook enable=off endpoint= auth_token= client_cert= client_key= queue_size=100000
 # audit_kafka enable=off topic= brokers= sasl_username= sasl_password= sasl_mechanism=plain client_tls_cert= client_tls_key= tls_client_auth=0 sasl=off tls=off tls_skip_verify=off version=
 # notify_webhook enable=off endpoint= auth_token= queue_limit=0 queue_dir= client_cert= client_key=
 # notify_amqp enable=off url= exchange= exchange_type= routing_key= mandatory=off durable=off no_wait=off internal=off auto_deleted=off delivery_mode=0 publisher_confirms=off queue_limit=0 queue_dir=
 # notify_kafka enable=off topic= brokers= sasl_username= sasl_password= sasl_mechanism=plain client_tls_cert= client_tls_key= tls_client_auth=0 sasl=off tls=off tls_skip_verify=off queue_limit=0 queue_dir= version=
 # notify_mqtt enable=off broker= topic= password= username= qos=0 keep_alive_interval=0s reconnect_interval=0s queue_dir= queue_limit=0
 # notify_nats enable=off address= subject= username= password= token= tls=off tls_skip_verify=off cert_authority= client_cert= client_key= ping_interval=0 jetstream=off streaming=off streaming_async=off streaming_max_pub_acks_in_flight=0 streaming_cluster_id= queue_dir= queue_limit=0
 # notify_nsq enable=off nsqd_address= topic= tls=off tls_skip_verify=off queue_dir= queue_limit=0
 # notify_mysql enable=off format=namespace dsn_string= table= queue_dir= queue_limit=0 max_open_connections=2
 # notify_postgres enable=off format=namespace connection_string= table= queue_dir= queue_limit=0 max_open_connections=2
 # notify_elasticsearch enable=off url= format=namespace index= queue_dir= queue_limit=0 username= password=
 # notify_redis enable=off format=namespace address= key= password= queue_dir= queue_limit=0
 # etcd endpoints= path_prefix= coredns_path=/skydns client_cert= client_cert_key=
 # cache drives= exclude= expiry=90 quota=80 after=0 watermark_low=70 watermark_high=80 range=on commit=
 # storage_class standard= rrs=EC:1
 # heal bitrotscan=off max_sleep=1s max_io=100
--- a/integration/service_account_test.go
+++ b/integration/service_account_test.go
@@ -0,0 +1,406 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/go-openapi/swag"
 	iampolicy "github.com/minio/pkg/iam/policy"
 	"github.com/stretchr/testify/assert"
 )
 func TestAddServiceAccount(t *testing.T) {
 	/*
 		This is an atomic API Test to add a user service account, the intention
 		is simple, add a user and make sure the response is 201 meaning that the
 		user got added successfully.
 		After test completion, it is expected that user is removed, so other
 		tests like users.ts can run over clean data and we don't collide against
 		it.
 	*/
 	assert := assert.New(t)
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	// Add service account
 	requestDataAddServiceAccount := map[string]interface{}{
 		"accessKey": "testuser1",
 		"secretKey": "password",
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAddServiceAccount)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"POST", "http://localhost:9090/api/v1/service-account-credentials", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 	requestDataPolicy := map[string]interface{}{
 		"policy": `
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
 }`,
 	}
 	requestDataJSON, _ = json.Marshal(requestDataPolicy)
 	requestDataBody = bytes.NewReader(requestDataJSON)
 	request, err = http.NewRequest(
 		"PUT", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", requestDataBody)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
 	}
 	// Test policy
 	request, err = http.NewRequest(
 		"GET", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", nil)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
 		buf := new(bytes.Buffer)
 		buf.ReadFrom(response.Body)
 		var actual *iampolicy.Policy
 		var expected *iampolicy.Policy
 		json.Unmarshal(buf.Bytes(), actual)
 		policy, err := json.Marshal(requestDataAddServiceAccount["policy"])
 		if err != nil {
 			log.Println(err)
 			return
 		}
 		json.Unmarshal(policy, expected)
 		assert.Equal(expected, actual)
 	}
 	// {{baseUrl}}/user?name=proident velit
 	// Investiga como se borra en el browser.
 	request, err = http.NewRequest(
 		"DELETE", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1")), nil)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err = client.Do(request)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("DELETE StatusCode:", response.StatusCode)
 		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
 	}
 }
 func Test_ServiceAccountsAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		api    string
 		policy *string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Create Service Account - Default",
 			args: args{
 				api:    "/service-accounts",
 				policy: nil,
 			},
 			expectedStatus: 201,
 			expectedError:  nil,
 		},
 		{
 			name: "Create Service Account - Valid Policy",
 			args: args{
 				api: "/service-accounts",
 				policy: swag.String(`
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
 }`),
 			},
 			expectedStatus: 201,
 			expectedError:  nil,
 		},
 		{
 			name: "Create Service Account - Invalid Policy",
 			args: args{
 				api: "/service-accounts",
 				policy: swag.String(`
  {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation"
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
 }`),
 			},
 			expectedStatus: 500,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			// Add service account
 			requestDataPolicy := map[string]interface{}{}
 			if tt.args.policy != nil {
 				requestDataPolicy["policy"] = *tt.args.policy
 			}
 			requestDataJSON, _ := json.Marshal(requestDataPolicy)
 			requestDataBody := bytes.NewReader(requestDataJSON)
 			request, err := http.NewRequest(
 				"POST", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), requestDataBody)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
 func DeleteMultipleServiceAccounts(serviceAccounts []string) (*http.Response, error) {
 	/*
 		Helper function to delete multiple service accounts
 		URL: http://localhost:9001/api/v1/service-accounts/delete-multi
 		HTTP Verb: DELETE
 		Data: ["U3RADB7J2ZZHELR0WSBB","ZE8H1HYOA6AVGKFCV6YU"]
 		Response: Status Code: 204 No Content
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataJSON, _ := json.Marshal(serviceAccounts)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"DELETE", "http://localhost:9090/api/v1/service-accounts/delete-multi", requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func TestCreateServiceAccountForUserWithCredentials(t *testing.T) {
 	/*
 		To test creation of service account for a user.
 	*/
 	// Test's variables
 	userName := "testcreateserviceaccountforuserwithcredentials1"
 	assert := assert.New(t)
 	policy := ""
 	serviceAccountLengthInBytes := 40 // As observed, update as needed
 	// 1. Create the user
 	groups := []string{}
 	policies := []string{}
 	secretKey := "testcreateserviceaccountforuserwithcrede"
 	response, err := AddUser(userName, "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 	// Table driven testing part
 	type args struct {
 		accessKey string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 	}{
 		{
 			name:           "Service Account With Valid Credentials",
 			expectedStatus: 201,
 			args: args{
 				accessKey: "testcreateserviceacc",
 			},
 		},
 		{
 			name:           "Service Account With Invalid Credentials",
 			expectedStatus: 500,
 			args: args{
 				accessKey: "tooooooooooooooooooooolongggggggggggggggggg",
 			},
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			// 2. Create the service account for the user
 			createServiceAccountWithCredentialsResponse,
 				createServiceAccountWithCredentialsError := CreateServiceAccountForUserWithCredentials(
 				userName,
 				policy,
 				tt.args.accessKey,
 				secretKey,
 			)
 			if createServiceAccountWithCredentialsError != nil {
 				log.Println(createServiceAccountWithCredentialsError)
 				assert.Fail("Error in createServiceAccountWithCredentialsError")
 			}
 			if createServiceAccountWithCredentialsResponse != nil {
 				fmt.Println("StatusCode:", createServiceAccountWithCredentialsResponse.StatusCode)
 				assert.Equal(
 					tt.expectedStatus, // different status expected per table's row
 					createServiceAccountWithCredentialsResponse.StatusCode,
 					inspectHTTPResponse(createServiceAccountWithCredentialsResponse),
 				)
 			}
 			// 3. Verify the service account for the user
 			listOfAccountsResponse,
 				listOfAccountsError := ReturnsAListOfServiceAccountsForAUser(userName)
 			if listOfAccountsError != nil {
 				log.Println(listOfAccountsError)
 				assert.Fail("Error in listOfAccountsError")
 			}
 			finalResponse := inspectHTTPResponse(listOfAccountsResponse)
 			if listOfAccountsResponse != nil {
 				fmt.Println("StatusCode:", listOfAccountsResponse.StatusCode)
 				assert.Equal(
 					200, listOfAccountsResponse.StatusCode,
 					finalResponse,
 				)
 			}
 			assert.Equal(len(finalResponse), serviceAccountLengthInBytes, finalResponse)
 		})
 	}
 	// Delete Multiple Service Accounts
 	serviceAccount := make([]string, 1)
 	serviceAccount[0] = "testcreateserviceacc"
 	response, err = DeleteMultipleServiceAccounts(serviceAccount)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("StatusCode:", response.StatusCode)
 		assert.Equal(
 			204,
 			response.StatusCode,
 			inspectHTTPResponse(response),
 		)
 	}
 }
--- a/integration/tiers_test.go
+++ b/integration/tiers_test.go
@@ -0,0 +1,53 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func TestTiersList(t *testing.T) {
 	assert := assert.New(t)
 	// image for now:
 	// minio: 9000
 	// console: 9090
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	request, err := http.NewRequest("GET", "http://localhost:9090/api/v1/admin/tiers", nil)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	assert.NotNil(response, "Tiers List response is nil")
 	assert.Nil(err, "Tiers List errored out")
 	assert.Equal(response.StatusCode, 200)
 }
--- a/integration/user_api_bucket_test.go
+++ b/integration/user_api_bucket_test.go
--- a/integration/users_test.go
+++ b/integration/users_test.go
@@ -0,0 +1,922 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"bytes"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
 	"log"
 	"net/http"
 	"strconv"
 	"strings"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func AddUser(accessKey, secretKey string, groups, policies []string) (*http.Response, error) {
 	/*
 		This is an atomic function to add user and can be reused across
 		different functions.
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"accessKey": accessKey,
 		"secretKey": secretKey,
 		"groups":    groups,
 		"policies":  policies,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"POST", "http://localhost:9090/api/v1/users", requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func DeleteUser(userName string) (*http.Response, error) {
 	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		This is an atomic function to delete user and can be reused across
 		different functions.
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
 		"DELETE", "http://localhost:9090/api/v1/user/"+userName, nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func ListUsers(offset, limit string) (*http.Response, error) {
 	/*
 		This is an atomic function to list users.
 		{{baseUrl}}/users?offset=-5480083&limit=-5480083
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
 		"GET",
 		"http://localhost:9090/api/v1/users?offset="+offset+"&limit="+limit,
 		nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func GetUserInformation(userName string) (*http.Response, error) {
 	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to get user information via API:
 		{{baseUrl}}/user?name=proident velit
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
 		"GET",
 		"http://localhost:9090/api/v1/user/"+userName,
 		nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func UpdateUserInformation(name, status string, groups []string) (*http.Response, error) {
 	name = base64.StdEncoding.EncodeToString([]byte(name))
 	/*
 		Helper function to update user information:
 		PUT: {{baseUrl}}/user?name=proident velit
 		Body:
 		{
 			"status": "nisi voluptate amet ea",
 			"groups": [
 				"ipsum eu cupidatat",
 				"aliquip non nulla"
 			]
 		}
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"status": status,
 		"groups": groups,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"PUT", "http://localhost:9090/api/v1/user/"+name, requestDataBody)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func RemoveUser(name string) (*http.Response, error) {
 	name = base64.StdEncoding.EncodeToString([]byte(name))
 	/*
 		Helper function to remove user.
 		DELETE: {{baseUrl}}/user?name=proident velit
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
 		"DELETE", "http://localhost:9090/api/v1/user/"+name, nil)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func UpdateGroupsForAUser(userName string, groups []string) (*http.Response, error) {
 	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to update groups for a user
 		PUT: {{baseUrl}}/user/groups?name=username
 		{
 			"groups":[
 				"groupone",
 				"grouptwo"
 			]
 		}
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"groups": groups,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"PUT",
 		"http://localhost:9090/api/v1/user/"+userName+"/groups",
 		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func CreateServiceAccountForUser(userName, policy string) (*http.Response, error) {
 	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to Create Service Account for user
 		POST: api/v1/user/username/service-accounts
 		{
 			"policy": "ad magna"
 		}
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"policy": policy,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"POST",
 		"http://localhost:9090/api/v1/user/"+userName+"/service-accounts",
 		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func CreateServiceAccountForUserWithCredentials(userName, policy, accessKey, secretKey string) (*http.Response, error) {
 	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	// Helper function to test "Create Service Account for User With Credentials" end point.
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"policy":    policy,
 		"accessKey": accessKey,
 		"secretKey": secretKey,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"POST",
 		"http://localhost:9090/api/v1/user/"+userName+"/service-account-credentials",
 		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func ReturnsAListOfServiceAccountsForAUser(userName string) (*http.Response, error) {
 	userName = base64.StdEncoding.EncodeToString([]byte(userName))
 	/*
 		Helper function to return a list of service accounts for a user.
 		GET: {{baseUrl}}/user/:name/service-accounts
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	request, err := http.NewRequest(
 		"GET",
 		"http://localhost:9090/api/v1/user/"+userName+"/service-accounts",
 		nil,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func AddGroup(group string, members []string) (*http.Response, error) {
 	/*
 		Helper function to add a group.
 	*/
 	client := &http.Client{
 		Timeout: 3 * time.Second,
 	}
 	requestDataAdd := map[string]interface{}{
 		"group":   group,
 		"members": members,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"POST",
 		"http://localhost:9090/api/v1/groups",
 		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	response, err := client.Do(request)
 	return response, err
 }
 func UsersGroupsBulk(users, groups []string) (*http.Response, error) {
 	/*
 		Helper function to test Bulk functionality to Add Users to Groups.
 		PUT: {{baseUrl}}/users-groups-bulk
 		{
 			"users": [
 				"magna id",
 				"enim sit tempor incididunt"
 			],
 			"groups": [
 				"nisi est esse",
 				"fugiat eu"
 			]
 		}
 	*/
 	requestDataAdd := map[string]interface{}{
 		"users":  users,
 		"groups": groups,
 	}
 	requestDataJSON, _ := json.Marshal(requestDataAdd)
 	requestDataBody := bytes.NewReader(requestDataJSON)
 	request, err := http.NewRequest(
 		"PUT",
 		"http://localhost:9090/api/v1/users-groups-bulk",
 		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
 	}
 	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 	request.Header.Add("Content-Type", "application/json")
 	client := &http.Client{
 		Timeout: 2 * time.Second,
 	}
 	response, err := client.Do(request)
 	return response, err
 }
 func TestAddUser(t *testing.T) {
 	/*
 		This is an API Test to add a user via api/v1/users, the intention
 		is simple, add a user and make sure the response is 201 meaning that the
 		user got added successfully.
 		After test completion, it is expected that user is removed, so other
 		tests like users.ts can run over clean data and we don't collide against
 		it.
 	*/
 	assert := assert.New(t)
 	// With no groups & no policies
 	groups := []string{}
 	policies := []string{}
 	response, err := AddUser("accessKey", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 	response, err = DeleteUser("accessKey")
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("DELETE StatusCode:", response.StatusCode)
 		assert.Equal(204, response.StatusCode, "has to be 204 when delete user")
 	}
 }
 func TestListUsers(t *testing.T) {
 	/*
 		This test is intended to list users via API.
 		1. First, it creates the users
 		2. Then, it lists the users <------ 200 is expected when listing them.
 		3. Finally, it deletes the users
 	*/
 	assert := assert.New(t)
 	// With no groups & no policies
 	groups := []string{}
 	policies := []string{}
 	// 1. Create the users
 	numberOfUsers := 5
 	for i := 1; i < numberOfUsers; i++ {
 		response, err := AddUser(
 			strconv.Itoa(i)+"accessKey"+strconv.Itoa(i),
 			"secretKey"+strconv.Itoa(i), groups, policies)
 		if err != nil {
 			log.Println(err)
 			return
 		}
 		if response != nil {
 			fmt.Println("POST StatusCode:", response.StatusCode)
 			assert.Equal(201, response.StatusCode,
 				"Status Code is incorrect on index: "+strconv.Itoa(i))
 		}
 		b, err := io.ReadAll(response.Body)
 		if err != nil {
 			log.Fatalln(err)
 		}
 		fmt.Println(string(b))
 	}
 	// 2. List the users
 	listResponse, listError := ListUsers("-5480083", "-5480083")
 	if listError != nil {
 		log.Fatalln(listError)
 	}
 	if listResponse != nil {
 		fmt.Println("POST StatusCode:", listResponse.StatusCode)
 		assert.Equal(200, listResponse.StatusCode,
 			"TestListUsers(): Status Code is incorrect when listing users")
 	}
 	b, err := io.ReadAll(listResponse.Body)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	fmt.Println(string(b))
 	// 3. Delete the users
 	for i := 1; i < numberOfUsers; i++ {
 		response, err := DeleteUser(
 			strconv.Itoa(i) + "accessKey" + strconv.Itoa(i))
 		if err != nil {
 			log.Println(err)
 			return
 		}
 		if response != nil {
 			fmt.Println("DELETE StatusCode:", response.StatusCode)
 			assert.Equal(204,
 				response.StatusCode, "has to be 204 when delete user")
 		}
 	}
 }
 func TestGetUserInfo(t *testing.T) {
 	/*
 		Test to get the user information via API.
 	*/
 	// 1. Create the user
 	fmt.Println("TestGetUserInfo(): 1. Create the user")
 	assert := assert.New(t)
 	groups := []string{}
 	policies := []string{}
 	response, err := AddUser("accessKey", "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 	// 2. Get user information
 	fmt.Println("TestGetUserInfo(): 2. Get user information")
 	response, err = GetUserInformation("accessKey")
 	if err != nil {
 		log.Println(err)
 		assert.Fail("There was an error in the response")
 		return
 	}
 	// 3. Verify user information
 	fmt.Println("TestGetUserInfo(): 3. Verify user information")
 	if response != nil {
 		fmt.Println("POST StatusCode:", response.StatusCode)
 		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
 	}
 	b, err := io.ReadAll(response.Body)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	fmt.Println(string(b))
 	expected := "{\"accessKey\":\"accessKey\",\"memberOf\":null,\"policy\":[],\"status\":\"enabled\"}\n"
 	obtained := string(b)
 	assert.Equal(expected, obtained, "User Information is wrong")
 }
 func TestUpdateUserInfoSuccessfulResponse(t *testing.T) {
 	/*
 		Update User Information Test with Successful Response
 	*/
 	assert := assert.New(t)
 	// 1. Create an active user
 	groups := []string{}
 	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"updateuser", "secretKey", groups, policies)
 	if addUserError != nil {
 		log.Println(addUserError)
 		return
 	}
 	if addUserResponse != nil {
 		fmt.Println("StatusCode:", addUserResponse.StatusCode)
 		assert.Equal(
 			201, addUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	// 2. Deactivate the user
 	// '{"status":"disabled","groups":[]}'
 	updateUserResponse, UpdateUserError := UpdateUserInformation(
 		"updateuser", "disabled", groups)
 	// 3. Verify user got deactivated
 	if UpdateUserError != nil {
 		log.Println(UpdateUserError)
 		return
 	}
 	if updateUserResponse != nil {
 		fmt.Println("StatusCode:", updateUserResponse.StatusCode)
 		assert.Equal(
 			200, updateUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	b, err := io.ReadAll(updateUserResponse.Body)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	assert.True(strings.Contains(string(b), "disabled"))
 }
 func TestUpdateUserInfoGenericErrorResponse(t *testing.T) {
 	/*
 		Update User Information Test with Generic Error Response
 	*/
 	assert := assert.New(t)
 	// 1. Create an active user
 	groups := []string{}
 	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"updateusererror", "secretKey", groups, policies)
 	if addUserError != nil {
 		log.Println(addUserError)
 		return
 	}
 	if addUserResponse != nil {
 		fmt.Println("StatusCode:", addUserResponse.StatusCode)
 		assert.Equal(
 			201, addUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	// 2. Deactivate the user with wrong status
 	updateUserResponse, UpdateUserError := UpdateUserInformation(
 		"updateusererror", "inactive", groups)
 	// 3. Verify user got deactivated
 	if UpdateUserError != nil {
 		log.Println(UpdateUserError)
 		assert.Fail("There was an error while updating user info")
 		return
 	}
 	if updateUserResponse != nil {
 		fmt.Println("StatusCode:", updateUserResponse.StatusCode)
 		assert.Equal(
 			500, updateUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	b, err := io.ReadAll(updateUserResponse.Body)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	assert.True(strings.Contains(string(b), "status not valid"))
 }
 func TestRemoveUserSuccessfulResponse(t *testing.T) {
 	/*
 		To test removing a user from API
 	*/
 	assert := assert.New(t)
 	// 1. Create an active user
 	groups := []string{}
 	policies := []string{}
 	addUserResponse, addUserError := AddUser(
 		"testremoveuser1", "secretKey", groups, policies)
 	if addUserError != nil {
 		log.Println(addUserError)
 		return
 	}
 	if addUserResponse != nil {
 		fmt.Println("StatusCode:", addUserResponse.StatusCode)
 		assert.Equal(
 			201, addUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	// 2. Remove the user
 	removeUserResponse, removeUserError := RemoveUser("testremoveuser1")
 	if removeUserError != nil {
 		log.Println(removeUserError)
 		return
 	}
 	if removeUserResponse != nil {
 		fmt.Println("StatusCode:", removeUserResponse.StatusCode)
 		assert.Equal(
 			204, removeUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	// 3. Verify the user got removed
 	getUserInfoResponse, getUserInfoError := GetUserInformation(
 		"testremoveuser1")
 	if getUserInfoError != nil {
 		log.Println(getUserInfoError)
 		assert.Fail("There was an error in the response")
 		return
 	}
 	if getUserInfoResponse != nil {
 		fmt.Println("StatusCode:", getUserInfoResponse.StatusCode)
 		assert.Equal(
 			404, getUserInfoResponse.StatusCode, "Status Code is incorrect")
 	}
 	finalResponse := inspectHTTPResponse(getUserInfoResponse)
 	fmt.Println(finalResponse)
 	assert.True(strings.Contains(
 		finalResponse, "The specified user does not exist"), finalResponse)
 }
 func TestUpdateGroupsForAUser(t *testing.T) {
 	/*
 		To test Update Groups For a User End Point.
 	*/
 	// 1. Create the user
 	numberOfGroups := 3
 	groupName := "updategroupforausergroup"
 	userName := "updategroupsforauser1"
 	assert := assert.New(t)
 	groups := []string{}
 	policies := []string{}
 	response, err := AddUser(userName, "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 	// 2. Update the groups of the created user with newGroups
 	newGroups := make([]string, 3)
 	for i := 0; i < numberOfGroups; i++ {
 		newGroups[i] = groupName + strconv.Itoa(i)
 	}
 	response, err = UpdateGroupsForAUser(userName, newGroups)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("StatusCode:", response.StatusCode)
 		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
 	}
 	// 3. Verify the newGroups were updated accordingly
 	getUserInfoResponse, getUserInfoErr := GetUserInformation(userName)
 	if getUserInfoErr != nil {
 		log.Println(getUserInfoErr)
 		assert.Fail("There was an error in the response")
 		return
 	}
 	if getUserInfoResponse != nil {
 		fmt.Println("StatusCode:", getUserInfoResponse.StatusCode)
 		assert.Equal(
 			200, getUserInfoResponse.StatusCode, "Status Code is incorrect")
 	}
 	finalResponse := inspectHTTPResponse(getUserInfoResponse)
 	for i := 0; i < numberOfGroups; i++ {
 		assert.True(strings.Contains(
 			finalResponse, groupName+strconv.Itoa(i)), finalResponse)
 	}
 }
 func TestCreateServiceAccountForUser(t *testing.T) {
 	/*
 		To test creation of service account for a user.
 	*/
 	// Test's variables
 	userName := "testcreateserviceaccountforuser1"
 	assert := assert.New(t)
 	policy := ""
 	serviceAccountLengthInBytes := 40 // As observed, update as needed
 	// 1. Create the user
 	groups := []string{}
 	policies := []string{}
 	response, err := AddUser(userName, "secretKey", groups, policies)
 	if err != nil {
 		log.Println(err)
 		return
 	}
 	if response != nil {
 		fmt.Println("StatusCode:", response.StatusCode)
 		assert.Equal(201, response.StatusCode, "Status Code is incorrect")
 	}
 	// 2. Create the service account for the user
 	createServiceAccountResponse,
 		createServiceAccountError := CreateServiceAccountForUser(
 		userName,
 		policy,
 	)
 	if createServiceAccountError != nil {
 		log.Println(createServiceAccountError)
 		assert.Fail("Error in createServiceAccountError")
 	}
 	if createServiceAccountResponse != nil {
 		fmt.Println("StatusCode:", createServiceAccountResponse.StatusCode)
 		assert.Equal(
 			201, createServiceAccountResponse.StatusCode,
 			inspectHTTPResponse(createServiceAccountResponse),
 		)
 	}
 	// 3. Verify the service account for the user
 	listOfAccountsResponse, listOfAccountsError := ReturnsAListOfServiceAccountsForAUser(userName)
 	fmt.Println(listOfAccountsResponse, listOfAccountsError)
 	if listOfAccountsError != nil {
 		log.Println(listOfAccountsError)
 		assert.Fail("Error in listOfAccountsError")
 	}
 	finalResponse := inspectHTTPResponse(listOfAccountsResponse)
 	if listOfAccountsResponse != nil {
 		fmt.Println("StatusCode:", listOfAccountsResponse.StatusCode)
 		assert.Equal(
 			200, listOfAccountsResponse.StatusCode,
 			finalResponse,
 		)
 	}
 	assert.Equal(len(finalResponse), serviceAccountLengthInBytes, finalResponse)
 }
 func TestUsersGroupsBulk(t *testing.T) {
 	/*
 		To test UsersGroupsBulk End Point
 	*/
 	// Vars
 	assert := assert.New(t)
 	numberOfUsers := 5
 	numberOfGroups := 1
 	// var groups = []string{}
 	policies := []string{}
 	username := "testusersgroupbulk"
 	groupName := "testusersgroupsbulkgroupone"
 	members := []string{}
 	users := make([]string, numberOfUsers)
 	groups := make([]string, numberOfGroups)
 	// 1. Create some users
 	for i := 0; i < numberOfUsers; i++ {
 		users[i] = username + strconv.Itoa(i)
 		response, err := AddUser(
 			users[i],
 			"secretKey"+strconv.Itoa(i), []string{}, policies)
 		if err != nil {
 			log.Println(err)
 			return
 		}
 		if response != nil {
 			fmt.Println("POST StatusCode:", response.StatusCode)
 			assert.Equal(201, response.StatusCode,
 				"Status Code is incorrect on index: "+strconv.Itoa(i))
 		}
 	}
 	// 2. Create a group with no members
 	responseAddGroup, errorAddGroup := AddGroup(groupName, members)
 	if errorAddGroup != nil {
 		log.Println(errorAddGroup)
 		return
 	}
 	finalResponse := inspectHTTPResponse(responseAddGroup)
 	if responseAddGroup != nil {
 		fmt.Println("POST StatusCode:", responseAddGroup.StatusCode)
 		assert.Equal(
 			201,
 			responseAddGroup.StatusCode,
 			finalResponse,
 		)
 	}
 	// 3. Add users to the group
 	groups[0] = groupName
 	responseUsersGroupsBulk, errorUsersGroupsBulk := UsersGroupsBulk(
 		users,
 		groups,
 	)
 	if errorUsersGroupsBulk != nil {
 		log.Println(errorUsersGroupsBulk)
 		return
 	}
 	finalResponse = inspectHTTPResponse(responseUsersGroupsBulk)
 	if responseUsersGroupsBulk != nil {
 		fmt.Println("POST StatusCode:", responseUsersGroupsBulk.StatusCode)
 		assert.Equal(
 			200,
 			responseUsersGroupsBulk.StatusCode,
 			finalResponse,
 		)
 	}
 	// 4. Verify users got added to the group
 	for i := 0; i < numberOfUsers; i++ {
 		responseGetUserInfo, errGetUserInfo := GetUserInformation(
 			username + strconv.Itoa(i),
 		)
 		if errGetUserInfo != nil {
 			log.Println(errGetUserInfo)
 			assert.Fail("There was an error in the response")
 			return
 		}
 		finalResponse = inspectHTTPResponse(responseGetUserInfo)
 		if responseGetUserInfo != nil {
 			assert.Equal(200, responseGetUserInfo.StatusCode, finalResponse)
 		}
 		// Make sure the user belongs to the created group
 		assert.True(strings.Contains(finalResponse, groupName))
 	}
 }
 func Test_GetUserPolicyAPI(t *testing.T) {
 	assert := assert.New(t)
 	// 1. Create an active user with valid policy
 	groups := []string{}
 	policies := []string{"readwrite"}
 	addUserResponse, addUserError := AddUser(
 		"getpolicyuser", "secretKey", groups, policies)
 	if addUserError != nil {
 		log.Println(addUserError)
 		return
 	}
 	if addUserResponse != nil {
 		fmt.Println("StatusCode:", addUserResponse.StatusCode)
 		assert.Equal(
 			201, addUserResponse.StatusCode, "Status Code is incorrect")
 	}
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Get User Policies",
 			args: args{
 				api: "/user/policy",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
 			}
 		})
 	}
 }
--- a/integration/version_test.go
+++ b/integration/version_test.go
@@ -0,0 +1,73 @@
 // This file is part of MinIO Console Server
 // Copyright (c) 2022 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package integration
 import (
 	"fmt"
 	"log"
 	"net/http"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/assert"
 )
 func Test_VersionAPI(t *testing.T) {
 	assert := assert.New(t)
 	type args struct {
 		api string
 	}
 	tests := []struct {
 		name           string
 		args           args
 		expectedStatus int
 		expectedError  error
 	}{
 		{
 			name: "Check Version",
 			args: args{
 				api: "/check-version",
 			},
 			expectedStatus: 200,
 			expectedError:  nil,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			client := &http.Client{
 				Timeout: 3 * time.Second,
 			}
 			request, err := http.NewRequest(
 				"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			request.Header.Add("Content-Type", "application/json")
 			response, err := client.Do(request)
 			if err != nil {
 				log.Println(err)
 				return
 			}
 			if response != nil {
 				assert.Equal(tt.expectedStatus, response.StatusCode, "Status Code is incorrect")
 			}
 		})
 	}
 }
--- a/k8s/create-kind.sh
+++ b/k8s/create-kind.sh
@@ -1,44 +0,0 @@
 #!/bin/bash
 # setup environment variables based on flags to see if we should build the docker containers again
 CONSOLE_DOCKER="true"
 # evaluate flags
 # `-m` for console
 while getopts ":m:" opt; do
  case $opt in
    m)
 	  CONSOLE_DOCKER="$OPTARG"
      ;;
    \?)
      echo "Invalid option: -$OPTARG" >&2
      exit 1
      ;;
    :)
      echo "Option -$OPTARG requires an argument." >&2
      exit 1
      ;;
  esac
 done
 echo "Provisioning Kind"
 kind create cluster  --config kind-cluster.yaml
 echo "Remove Master Taint"
 kubectl taint nodes --all node-role.kubernetes.io/master-
 echo "Install Contour"
 kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
 kubectl patch daemonsets -n projectcontour envoy -p '{"spec":{"template":{"spec":{"nodeSelector":{"ingress-ready":"true"},"tolerations":[{"key":"node-role.kubernetes.io/master","operator":"Equal","effect":"NoSchedule"}]}}}}'
 echo "install metrics server"
 kubectl apply -f metrics-dev.yaml
 # Whether or not to build the m3 container and load it to kind or just load it
 if [[ $CONSOLE_DOCKER == "true" ]]; then
 	# Build mkube
  make --directory=".." k8sdev TAG=minio/console:latest
 else
 	kind load docker-image minio/console:latest
 fi
 echo "done"
--- a/k8s/kind-cluster.yaml
+++ b/k8s/kind-cluster.yaml
@@ -1,22 +0,0 @@
 # three node (two workers) cluster config
 kind: Cluster
 apiVersion: kind.x-k8s.io/v1alpha4
 nodes:
 - role: control-plane
  kubeadmConfigPatches:
  - |
    kind: InitConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        node-labels: "ingress-ready=true"
  extraPortMappings:
    - containerPort: 80
      hostPort: 8844
      protocol: TCP
    - containerPort: 443
      hostPort: 8843
      protocol: TCP
 #- role: worker
 #- role: worker
 #- role: worker
 #- role: worker
--- a/k8s/metrics-dev.yaml
+++ b/k8s/metrics-dev.yaml
@@ -1,153 +0,0 @@
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: system:aggregated-metrics-reader
  labels:
    rbac.authorization.k8s.io/aggregate-to-view: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
 rules:
  - apiGroups: ["metrics.k8s.io"]
    resources: ["pods", "nodes"]
    verbs: ["get", "list", "watch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: metrics-server:system:auth-delegator
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
 subjects:
  - kind: ServiceAccount
    name: metrics-server
    namespace: kube-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: metrics-server-auth-reader
  namespace: kube-system
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
 subjects:
  - kind: ServiceAccount
    name: metrics-server
    namespace: kube-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: system:metrics-server
 rules:
  - apiGroups:
      - ""
    resources:
      - pods
      - nodes
      - nodes/stats
      - namespaces
      - configmaps
    verbs:
      - get
      - list
      - watch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: system:metrics-server
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
 subjects:
  - kind: ServiceAccount
    name: metrics-server
    namespace: kube-system
 ---
 apiVersion: apiregistration.k8s.io/v1beta1
 kind: APIService
 metadata:
  name: v1beta1.metrics.k8s.io
 spec:
  service:
    name: metrics-server
    namespace: kube-system
  group: metrics.k8s.io
  version: v1beta1
  insecureSkipTLSVerify: true
  groupPriorityMinimum: 100
  versionPriority: 100
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: metrics-server
  namespace: kube-system
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: metrics-server
  namespace: kube-system
  labels:
    kubernetes.io/name: "Metrics-server"
    kubernetes.io/cluster-service: "true"
 spec:
  selector:
    k8s-app: metrics-server
  ports:
    - port: 443
      protocol: TCP
      targetPort: main-port
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: metrics-server
  namespace: kube-system
  labels:
    k8s-app: metrics-server
 spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  template:
    metadata:
      name: metrics-server
      labels:
        k8s-app: metrics-server
    spec:
      serviceAccountName: metrics-server
      volumes:
        # mount in tmp so we can safely use from-scratch images and/or read-only containers
        - name: tmp-dir
          emptyDir: {}
      containers:
        - name: metrics-server
          image: k8s.gcr.io/metrics-server-amd64:v0.3.6
          args:
            - --cert-dir=/tmp
            - --secure-port=4443
            - --kubelet-insecure-tls
            - --kubelet-preferred-address-types=InternalIP
          ports:
            - name: main-port
              containerPort: 4443
              protocol: TCP
          securityContext:
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          imagePullPolicy: Always
          volumeMounts:
            - name: tmp-dir
              mountPath: /tmp
      nodeSelector:
        beta.kubernetes.io/os: linux
        kubernetes.io/arch: "amd64"
--- a/k8s/operator-console/base/console-cluster-role-binding.yaml
+++ b/k8s/operator-console/base/console-cluster-role-binding.yaml
@@ -1,12 +0,0 @@
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: console-sa-binding
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: console-sa-role
 subjects:
  - kind: ServiceAccount
    name: console-sa
    namespace: default
--- a/k8s/operator-console/base/console-cluster-role.yaml
+++ b/k8s/operator-console/base/console-cluster-role.yaml
@@ -1,234 +0,0 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: console-sa-role
 rules:
  - apiGroups:
      - ""
    resources:
      - secrets
    verbs:
      - get
      - watch
      - create
      - list
      - patch
      - update
      - deletecollection
  - apiGroups:
      - ""
    resources:
      - namespaces
      - services
      - events
      - resourcequotas
      - nodes
    verbs:
      - get
      - watch
      - create
      - list
      - patch
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - get
      - watch
      - create
      - list
      - patch
      - delete
      - deletecollection
  - apiGroups:
      - ""
    resources:
      - persistentvolumeclaims
    verbs:
      - deletecollection
      - list
      - get
      - watch
      - update
  - apiGroups:
      - "storage.k8s.io"
    resources:
      - storageclasses
    verbs:
      - get
      - watch
      - create
      - list
      - patch
  - apiGroups:
      - apps
    resources:
      - statefulsets
      - deployments
    verbs:
      - get
      - create
      - list
      - patch
      - watch
      - update
      - delete
  - apiGroups:
      - batch
    resources:
      - jobs
    verbs:
      - get
      - create
      - list
      - patch
      - watch
      - update
      - delete
  - apiGroups:
      - "certificates.k8s.io"
    resources:
      - "certificatesigningrequests"
      - "certificatesigningrequests/approval"
      - "certificatesigningrequests/status"
    verbs:
      - update
      - create
      - get
  - apiGroups:
      - minio.min.io
    resources:
      - "*"
    verbs:
      - "*"
  - apiGroups:
      - min.io
    resources:
      - "*"
    verbs:
      - "*"
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - create
    - delete
  - apiGroups:
    - ""
    resources:
    - persistentvolumeclaims
    verbs:
    - get
    - list
    - watch
    - update
  - apiGroups:
    - ""
    resources:
    - events
    verbs:
    - create
    - list
    - watch
    - update
    - patch
  - apiGroups:
    - snapshot.storage.k8s.io
    resources:
    - volumesnapshots
    verbs:
    - get
    - list
  - apiGroups:
    - snapshot.storage.k8s.io
    resources:
    - volumesnapshotcontents
    verbs:
    - get
    - list
  - apiGroups:
    - storage.k8s.io
    resources:
    - csinodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - storage.k8s.io
    resources:
    - volumeattachments
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - endpoints
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - delete
  - apiGroups:
    - coordination.k8s.io
    resources:
    - leases
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - delete
  - apiGroups:
    - direct.csi.min.io
    resources:
    - volumes
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - delete
  - apiGroups:
    - apiextensions.k8s.io
    resources:
    - customresourcedefinitions
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - delete
  - apiGroups:
    - direct.csi.min.io
    resources:
    - directcsidrives
    - directcsivolumes
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - delete
  - apiGroups:
    - ""
    resources:
    - pod
    - pods/log
    verbs:
    - get
    - list
    - watch
--- a/k8s/operator-console/base/console-configmap.yaml
+++ b/k8s/operator-console/base/console-configmap.yaml
@@ -1,7 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: console-env
 data:
  CONSOLE_PORT: "9090"
  CONSOLE_TLS_PORT: "9443"
--- a/k8s/operator-console/base/console-deployment.yaml
+++ b/k8s/operator-console/base/console-deployment.yaml
@@ -1,29 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: console
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: console
  template:
    metadata:
      labels:
        app: console
    spec:
      serviceAccountName: console-sa
      containers:
        - name: console
          image: minio/console:v0.13.0
          imagePullPolicy: "IfNotPresent"
          env:
            - name: CONSOLE_OPERATOR_MODE
              value: "on"
          args:
            - server
          ports:
            - containerPort: 9090
              name: http
            - containerPort: 9433
              name: https
--- a/k8s/operator-console/base/console-service-account.yaml
+++ b/k8s/operator-console/base/console-service-account.yaml
@@ -1,5 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: console-sa
  namespace: default
--- a/k8s/operator-console/base/console-service.yaml
+++ b/k8s/operator-console/base/console-service.yaml
@@ -1,14 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: console
  labels:
    name: console
 spec:
  ports:
    - port: 9090
      name: http
    - port: 9443
      name: https
  selector:
    app: console
--- a/k8s/operator-console/base/kustomization.yaml
+++ b/k8s/operator-console/base/kustomization.yaml
@@ -1,10 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 # beginning of customizations
 resources:
  - console-service-account.yaml
  - console-cluster-role.yaml
  - console-cluster-role-binding.yaml
  - console-configmap.yaml
  - console-service.yaml
  - console-deployment.yaml
--- a/k8s/operator-console/standalone/console-deployment.yaml
+++ b/k8s/operator-console/standalone/console-deployment.yaml
@@ -1,46 +0,0 @@
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: console
  namespace: default
  labels:
    name: console
 spec:
  ports:
    - port: 9090
      name: http
    - port: 9443
      name: https
  selector:
    app: console-standalone
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: console
  namespace: default
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: console-standalone
  template:
    metadata:
      labels:
        app: console-standalone
    spec:
      containers:
        - name: console
          image: minio/console:v0.13.0
          imagePullPolicy: "IfNotPresent"
          env:
            - name: CONSOLE_MINIO_SERVER
              value: "https://minio.default.svc.cluster.local"
          args:
            - server
          ports:
            - containerPort: 9090
              name: http
            - containerPort: 9433
              name: https
--- a/k8s/tools.go
+++ b/k8s/tools.go
@@ -1,20 +0,0 @@
 // This file is part of MinIO Kubernetes Cloud
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 // Package k8s - this package imports things required by build scripts, to force `go mod` to see them as dependencies
 package k8s
 // import _ "k8s.io/code-generator"
--- a/k8s/update-codegen.sh
+++ b/k8s/update-codegen.sh
@@ -1,35 +0,0 @@
 #!/usr/bin/env bash
 # Copyright 2017 The Kubernetes Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 set -o errexit
 set -o nounset
 set -o pipefail
 SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
 CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)}
 # generate the code with:
 # --output-base    because this script should also be able to run inside the vendor dir of
 #                  k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir
 #                  instead of the $GOPATH directly. For normal projects this can be dropped.
 bash "${CODEGEN_PKG}"/generate-groups.sh "all" \
  github.com/minio/console/pkg/generated \
  github.com/minio/console/pkg/apis \
  mkube:v1 \
  --go-header-file "${SCRIPT_ROOT}"/k8s/boilerplate.go.txt
 # To use your own boilerplate text append:
 #   --go-header-file "${SCRIPT_ROOT}"/hack/custom-boilerplate.go.txt
--- a/models/a_user_policy_response.go
+++ b/models/a_user_policy_response.go
@@ -0,0 +1,67 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // AUserPolicyResponse a user policy response
 //
 // swagger:model aUserPolicyResponse
 type AUserPolicyResponse struct {
 	// policy
 	Policy string `json:"policy,omitempty"`
 }
 // Validate validates this a user policy response
 func (m *AUserPolicyResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this a user policy response based on context it is used
 func (m *AUserPolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AUserPolicyResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AUserPolicyResponse) UnmarshalBinary(b []byte) error {
 	var res AUserPolicyResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/access_rule.go
+++ b/models/access_rule.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/account_change_password_request.go
+++ b/models/account_change_password_request.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/add_bucket_lifecycle.go
+++ b/models/add_bucket_lifecycle.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -24,9 +24,12 @@ package models
 import (
 	"context"
 	"encoding/json"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 )
 // AddBucketLifecycle add bucket lifecycle
@@ -40,9 +43,6 @@ type AddBucketLifecycle struct {
 	// Non required, toggle to disable or enable rule
 	ExpiredObjectDeleteMarker bool `json:"expired_object_delete_marker,omitempty"`
 	// Required in case of expiry_days or transition fields are not set. it defines an expiry date for ILM
 	ExpiryDate string `json:"expiry_date,omitempty"`
 	// Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM
 	ExpiryDays int32 `json:"expiry_days,omitempty"`
@@ -64,15 +64,67 @@ type AddBucketLifecycle struct {
 	// Non required field, tags to match ILM files
 	Tags string `json:"tags,omitempty"`
 	// Required in case of transition_days or expiry fields are not set. it defines a transition date for ILM
 	TransitionDate string `json:"transition_date,omitempty"`
 	// Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM
 	TransitionDays int32 `json:"transition_days,omitempty"`
 	// ILM Rule type (Expiry or transition)
 	// Enum: [expiry transition]
 	Type string `json:"type,omitempty"`
 }
 // Validate validates this add bucket lifecycle
 func (m *AddBucketLifecycle) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateType(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 var addBucketLifecycleTypeTypePropEnum []interface{}
 func init() {
 	var res []string
 	if err := json.Unmarshal([]byte(`["expiry","transition"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
 		addBucketLifecycleTypeTypePropEnum = append(addBucketLifecycleTypeTypePropEnum, v)
 	}
 }
 const (
 	// AddBucketLifecycleTypeExpiry captures enum value "expiry"
 	AddBucketLifecycleTypeExpiry string = "expiry"
 	// AddBucketLifecycleTypeTransition captures enum value "transition"
 	AddBucketLifecycleTypeTransition string = "transition"
 )
 // prop value enum
 func (m *AddBucketLifecycle) validateTypeEnum(path, location string, value string) error {
 	if err := validate.EnumCase(path, location, value, addBucketLifecycleTypeTypePropEnum, true); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AddBucketLifecycle) validateType(formats strfmt.Registry) error {
 	if swag.IsZero(m.Type) { // not required
 		return nil
 	}
 	// value enum
 	if err := m.validateTypeEnum("type", "body", m.Type); err != nil {
 		return err
 	}
 	return nil
 }
--- a/models/add_bucket_replication.go
+++ b/models/add_bucket_replication.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/add_group_request.go
+++ b/models/add_group_request.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/add_multi_bucket_lifecycle.go
+++ b/models/add_multi_bucket_lifecycle.go
@@ -0,0 +1,168 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"encoding/json"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 )
 // AddMultiBucketLifecycle add multi bucket lifecycle
 //
 // swagger:model addMultiBucketLifecycle
 type AddMultiBucketLifecycle struct {
 	// buckets
 	// Required: true
 	Buckets []string `json:"buckets"`
 	// Non required, toggle to disable or enable rule
 	ExpiredObjectDeleteMarker bool `json:"expired_object_delete_marker,omitempty"`
 	// Required in case of expiry_date or transition fields are not set. it defines an expiry days for ILM
 	ExpiryDays int32 `json:"expiry_days,omitempty"`
 	// Non required, can be set in case of expiration is enabled
 	NoncurrentversionExpirationDays int32 `json:"noncurrentversion_expiration_days,omitempty"`
 	// Non required, can be set in case of transition is enabled
 	NoncurrentversionTransitionDays int32 `json:"noncurrentversion_transition_days,omitempty"`
 	// Non required, can be set in case of transition is enabled
 	NoncurrentversionTransitionStorageClass string `json:"noncurrentversion_transition_storage_class,omitempty"`
 	// Non required field, it matches a prefix to perform ILM operations on it
 	Prefix string `json:"prefix,omitempty"`
 	// Required only in case of transition is set. it refers to a tier
 	StorageClass string `json:"storage_class,omitempty"`
 	// Non required field, tags to match ILM files
 	Tags string `json:"tags,omitempty"`
 	// Required in case of transition_date or expiry fields are not set. it defines a transition days for ILM
 	TransitionDays int32 `json:"transition_days,omitempty"`
 	// ILM Rule type (Expiry or transition)
 	// Required: true
 	// Enum: [expiry transition]
 	Type *string `json:"type"`
 }
 // Validate validates this add multi bucket lifecycle
 func (m *AddMultiBucketLifecycle) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateBuckets(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateType(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AddMultiBucketLifecycle) validateBuckets(formats strfmt.Registry) error {
 	if err := validate.Required("buckets", "body", m.Buckets); err != nil {
 		return err
 	}
 	return nil
 }
 var addMultiBucketLifecycleTypeTypePropEnum []interface{}
 func init() {
 	var res []string
 	if err := json.Unmarshal([]byte(`["expiry","transition"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
 		addMultiBucketLifecycleTypeTypePropEnum = append(addMultiBucketLifecycleTypeTypePropEnum, v)
 	}
 }
 const (
 	// AddMultiBucketLifecycleTypeExpiry captures enum value "expiry"
 	AddMultiBucketLifecycleTypeExpiry string = "expiry"
 	// AddMultiBucketLifecycleTypeTransition captures enum value "transition"
 	AddMultiBucketLifecycleTypeTransition string = "transition"
 )
 // prop value enum
 func (m *AddMultiBucketLifecycle) validateTypeEnum(path, location string, value string) error {
 	if err := validate.EnumCase(path, location, value, addMultiBucketLifecycleTypeTypePropEnum, true); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AddMultiBucketLifecycle) validateType(formats strfmt.Registry) error {
 	if err := validate.Required("type", "body", m.Type); err != nil {
 		return err
 	}
 	// value enum
 	if err := m.validateTypeEnum("type", "body", *m.Type); err != nil {
 		return err
 	}
 	return nil
 }
 // ContextValidate validates this add multi bucket lifecycle based on context it is used
 func (m *AddMultiBucketLifecycle) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AddMultiBucketLifecycle) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AddMultiBucketLifecycle) UnmarshalBinary(b []byte) error {
 	var res AddMultiBucketLifecycle
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/add_policy_request.go
+++ b/models/add_policy_request.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/add_service_account_policy_request.go
+++ b/models/add_service_account_policy_request.go
@@ -0,0 +1,88 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 )
 // AddServiceAccountPolicyRequest add service account policy request
 //
 // swagger:model addServiceAccountPolicyRequest
 type AddServiceAccountPolicyRequest struct {
 	// policy
 	// Required: true
 	Policy *string `json:"policy"`
 }
 // Validate validates this add service account policy request
 func (m *AddServiceAccountPolicyRequest) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validatePolicy(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AddServiceAccountPolicyRequest) validatePolicy(formats strfmt.Registry) error {
 	if err := validate.Required("policy", "body", m.Policy); err != nil {
 		return err
 	}
 	return nil
 }
 // ContextValidate validates this add service account policy request based on context it is used
 func (m *AddServiceAccountPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AddServiceAccountPolicyRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AddServiceAccountPolicyRequest) UnmarshalBinary(b []byte) error {
 	var res AddServiceAccountPolicyRequest
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/add_user_request.go
+++ b/models/add_user_request.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/admin_info_response.go
+++ b/models/admin_info_response.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -24,11 +24,13 @@ package models
 import (
 	"context"
 	"encoding/json"
 	"strconv"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 )
 // AdminInfoResponse admin info response
@@ -36,15 +38,19 @@ import (
 // swagger:model adminInfoResponse
 type AdminInfoResponse struct {
 	// advanced metrics status
 	// Enum: [not configured available unavailable]
 	AdvancedMetricsStatus string `json:"advancedMetricsStatus,omitempty"`
 	// backend
 	Backend *BackendProperties `json:"backend,omitempty"`
 	// buckets
 	Buckets int64 `json:"buckets,omitempty"`
 	// objects
 	Objects int64 `json:"objects,omitempty"`
 	// prometheus not ready
 	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
 	// servers
 	Servers []*ServerProperties `json:"servers"`
@@ -59,6 +65,14 @@ type AdminInfoResponse struct {
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateAdvancedMetricsStatus(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateBackend(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateServers(formats); err != nil {
 		res = append(res, err)
 	}
@@ -73,6 +87,70 @@ func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 var adminInfoResponseTypeAdvancedMetricsStatusPropEnum []interface{}
 func init() {
 	var res []string
 	if err := json.Unmarshal([]byte(`["not configured","available","unavailable"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
 		adminInfoResponseTypeAdvancedMetricsStatusPropEnum = append(adminInfoResponseTypeAdvancedMetricsStatusPropEnum, v)
 	}
 }
 const (
 	// AdminInfoResponseAdvancedMetricsStatusNotConfigured captures enum value "not configured"
 	AdminInfoResponseAdvancedMetricsStatusNotConfigured string = "not configured"
 	// AdminInfoResponseAdvancedMetricsStatusAvailable captures enum value "available"
 	AdminInfoResponseAdvancedMetricsStatusAvailable string = "available"
 	// AdminInfoResponseAdvancedMetricsStatusUnavailable captures enum value "unavailable"
 	AdminInfoResponseAdvancedMetricsStatusUnavailable string = "unavailable"
 )
 // prop value enum
 func (m *AdminInfoResponse) validateAdvancedMetricsStatusEnum(path, location string, value string) error {
 	if err := validate.EnumCase(path, location, value, adminInfoResponseTypeAdvancedMetricsStatusPropEnum, true); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AdminInfoResponse) validateAdvancedMetricsStatus(formats strfmt.Registry) error {
 	if swag.IsZero(m.AdvancedMetricsStatus) { // not required
 		return nil
 	}
 	// value enum
 	if err := m.validateAdvancedMetricsStatusEnum("advancedMetricsStatus", "body", m.AdvancedMetricsStatus); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AdminInfoResponse) validateBackend(formats strfmt.Registry) error {
 	if swag.IsZero(m.Backend) { // not required
 		return nil
 	}
 	if m.Backend != nil {
 		if err := m.Backend.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("backend")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("backend")
 			}
 			return err
 		}
 	}
 	return nil
 }
 func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
 	if swag.IsZero(m.Servers) { // not required
 		return nil
@@ -87,6 +165,8 @@ func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
 			if err := m.Servers[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
 					return ce.ValidateName("servers" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -111,6 +191,8 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 			if err := m.Widgets[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
 					return ce.ValidateName("widgets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -125,6 +207,10 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateBackend(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.contextValidateServers(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -139,6 +225,22 @@ func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.
 	return nil
 }
 func (m *AdminInfoResponse) contextValidateBackend(ctx context.Context, formats strfmt.Registry) error {
 	if m.Backend != nil {
 		if err := m.Backend.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("backend")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("backend")
 			}
 			return err
 		}
 	}
 	return nil
 }
 func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats strfmt.Registry) error {
 	for i := 0; i < len(m.Servers); i++ {
@@ -147,6 +249,8 @@ func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats
 			if err := m.Servers[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("servers" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
 					return ce.ValidateName("servers" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -165,6 +269,8 @@ func (m *AdminInfoResponse) contextValidateWidgets(ctx context.Context, formats
 			if err := m.Widgets[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
 					return ve.ValidateName("widgets" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
 					return ce.ValidateName("widgets" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
--- a/models/allocatable_resources_response.go
+++ b/models/allocatable_resources_response.go
@@ -1,165 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // AllocatableResourcesResponse allocatable resources response
 //
 // swagger:model allocatableResourcesResponse
 type AllocatableResourcesResponse struct {
 	// cpu priority
 	CPUPriority *NodeMaxAllocatableResources `json:"cpu_priority,omitempty"`
 	// mem priority
 	MemPriority *NodeMaxAllocatableResources `json:"mem_priority,omitempty"`
 	// min allocatable cpu
 	MinAllocatableCPU int64 `json:"min_allocatable_cpu,omitempty"`
 	// min allocatable mem
 	MinAllocatableMem int64 `json:"min_allocatable_mem,omitempty"`
 }
 // Validate validates this allocatable resources response
 func (m *AllocatableResourcesResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateCPUPriority(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateMemPriority(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AllocatableResourcesResponse) validateCPUPriority(formats strfmt.Registry) error {
 	if swag.IsZero(m.CPUPriority) { // not required
 		return nil
 	}
 	if m.CPUPriority != nil {
 		if err := m.CPUPriority.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("cpu_priority")
 			}
 			return err
 		}
 	}
 	return nil
 }
 func (m *AllocatableResourcesResponse) validateMemPriority(formats strfmt.Registry) error {
 	if swag.IsZero(m.MemPriority) { // not required
 		return nil
 	}
 	if m.MemPriority != nil {
 		if err := m.MemPriority.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("mem_priority")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // ContextValidate validate this allocatable resources response based on the context it is used
 func (m *AllocatableResourcesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateCPUPriority(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.contextValidateMemPriority(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AllocatableResourcesResponse) contextValidateCPUPriority(ctx context.Context, formats strfmt.Registry) error {
 	if m.CPUPriority != nil {
 		if err := m.CPUPriority.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("cpu_priority")
 			}
 			return err
 		}
 	}
 	return nil
 }
 func (m *AllocatableResourcesResponse) contextValidateMemPriority(ctx context.Context, formats strfmt.Registry) error {
 	if m.MemPriority != nil {
 		if err := m.MemPriority.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("mem_priority")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AllocatableResourcesResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AllocatableResourcesResponse) UnmarshalBinary(b []byte) error {
 	var res AllocatableResourcesResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/api_key.go
+++ b/models/api_key.go
@@ -0,0 +1,67 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // APIKey api key
 //
 // swagger:model apiKey
 type APIKey struct {
 	// api key
 	APIKey string `json:"apiKey,omitempty"`
 }
 // Validate validates this api key
 func (m *APIKey) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this api key based on context it is used
 func (m *APIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *APIKey) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *APIKey) UnmarshalBinary(b []byte) error {
 	var res APIKey
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/arns_response.go
+++ b/models/arns_response.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/aws_configuration.go
+++ b/models/aws_configuration.go
@@ -1,321 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 )
 // AwsConfiguration aws configuration
 //
 // swagger:model awsConfiguration
 type AwsConfiguration struct {
 	// secretsmanager
 	// Required: true
 	Secretsmanager *AwsConfigurationSecretsmanager `json:"secretsmanager"`
 }
 // Validate validates this aws configuration
 func (m *AwsConfiguration) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateSecretsmanager(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AwsConfiguration) validateSecretsmanager(formats strfmt.Registry) error {
 	if err := validate.Required("secretsmanager", "body", m.Secretsmanager); err != nil {
 		return err
 	}
 	if m.Secretsmanager != nil {
 		if err := m.Secretsmanager.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // ContextValidate validate this aws configuration based on the context it is used
 func (m *AwsConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateSecretsmanager(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AwsConfiguration) contextValidateSecretsmanager(ctx context.Context, formats strfmt.Registry) error {
 	if m.Secretsmanager != nil {
 		if err := m.Secretsmanager.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AwsConfiguration) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AwsConfiguration) UnmarshalBinary(b []byte) error {
 	var res AwsConfiguration
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
 // AwsConfigurationSecretsmanager aws configuration secretsmanager
 //
 // swagger:model AwsConfigurationSecretsmanager
 type AwsConfigurationSecretsmanager struct {
 	// credentials
 	// Required: true
 	Credentials *AwsConfigurationSecretsmanagerCredentials `json:"credentials"`
 	// endpoint
 	// Required: true
 	Endpoint *string `json:"endpoint"`
 	// kmskey
 	Kmskey string `json:"kmskey,omitempty"`
 	// region
 	// Required: true
 	Region *string `json:"region"`
 }
 // Validate validates this aws configuration secretsmanager
 func (m *AwsConfigurationSecretsmanager) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateCredentials(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateEndpoint(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateRegion(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AwsConfigurationSecretsmanager) validateCredentials(formats strfmt.Registry) error {
 	if err := validate.Required("secretsmanager"+"."+"credentials", "body", m.Credentials); err != nil {
 		return err
 	}
 	if m.Credentials != nil {
 		if err := m.Credentials.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager" + "." + "credentials")
 			}
 			return err
 		}
 	}
 	return nil
 }
 func (m *AwsConfigurationSecretsmanager) validateEndpoint(formats strfmt.Registry) error {
 	if err := validate.Required("secretsmanager"+"."+"endpoint", "body", m.Endpoint); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AwsConfigurationSecretsmanager) validateRegion(formats strfmt.Registry) error {
 	if err := validate.Required("secretsmanager"+"."+"region", "body", m.Region); err != nil {
 		return err
 	}
 	return nil
 }
 // ContextValidate validate this aws configuration secretsmanager based on the context it is used
 func (m *AwsConfigurationSecretsmanager) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateCredentials(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AwsConfigurationSecretsmanager) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
 	if m.Credentials != nil {
 		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("secretsmanager" + "." + "credentials")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AwsConfigurationSecretsmanager) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AwsConfigurationSecretsmanager) UnmarshalBinary(b []byte) error {
 	var res AwsConfigurationSecretsmanager
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
 // AwsConfigurationSecretsmanagerCredentials aws configuration secretsmanager credentials
 //
 // swagger:model AwsConfigurationSecretsmanagerCredentials
 type AwsConfigurationSecretsmanagerCredentials struct {
 	// accesskey
 	// Required: true
 	Accesskey *string `json:"accesskey"`
 	// secretkey
 	// Required: true
 	Secretkey *string `json:"secretkey"`
 	// token
 	Token string `json:"token,omitempty"`
 }
 // Validate validates this aws configuration secretsmanager credentials
 func (m *AwsConfigurationSecretsmanagerCredentials) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateAccesskey(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateSecretkey(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AwsConfigurationSecretsmanagerCredentials) validateAccesskey(formats strfmt.Registry) error {
 	if err := validate.Required("secretsmanager"+"."+"credentials"+"."+"accesskey", "body", m.Accesskey); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AwsConfigurationSecretsmanagerCredentials) validateSecretkey(formats strfmt.Registry) error {
 	if err := validate.Required("secretsmanager"+"."+"credentials"+"."+"secretkey", "body", m.Secretkey); err != nil {
 		return err
 	}
 	return nil
 }
 // ContextValidate validates this aws configuration secretsmanager credentials based on context it is used
 func (m *AwsConfigurationSecretsmanagerCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AwsConfigurationSecretsmanagerCredentials) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AwsConfigurationSecretsmanagerCredentials) UnmarshalBinary(b []byte) error {
 	var res AwsConfigurationSecretsmanagerCredentials
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/azure_configuration.go
+++ b/models/azure_configuration.go
@@ -1,313 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2021 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 )
 // AzureConfiguration azure configuration
 //
 // swagger:model azureConfiguration
 type AzureConfiguration struct {
 	// keyvault
 	// Required: true
 	Keyvault *AzureConfigurationKeyvault `json:"keyvault"`
 }
 // Validate validates this azure configuration
 func (m *AzureConfiguration) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateKeyvault(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AzureConfiguration) validateKeyvault(formats strfmt.Registry) error {
 	if err := validate.Required("keyvault", "body", m.Keyvault); err != nil {
 		return err
 	}
 	if m.Keyvault != nil {
 		if err := m.Keyvault.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keyvault")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // ContextValidate validate this azure configuration based on the context it is used
 func (m *AzureConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateKeyvault(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AzureConfiguration) contextValidateKeyvault(ctx context.Context, formats strfmt.Registry) error {
 	if m.Keyvault != nil {
 		if err := m.Keyvault.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keyvault")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AzureConfiguration) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AzureConfiguration) UnmarshalBinary(b []byte) error {
 	var res AzureConfiguration
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
 // AzureConfigurationKeyvault azure configuration keyvault
 //
 // swagger:model AzureConfigurationKeyvault
 type AzureConfigurationKeyvault struct {
 	// credentials
 	Credentials *AzureConfigurationKeyvaultCredentials `json:"credentials,omitempty"`
 	// endpoint
 	// Required: true
 	Endpoint *string `json:"endpoint"`
 }
 // Validate validates this azure configuration keyvault
 func (m *AzureConfigurationKeyvault) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateCredentials(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateEndpoint(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AzureConfigurationKeyvault) validateCredentials(formats strfmt.Registry) error {
 	if swag.IsZero(m.Credentials) { // not required
 		return nil
 	}
 	if m.Credentials != nil {
 		if err := m.Credentials.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keyvault" + "." + "credentials")
 			}
 			return err
 		}
 	}
 	return nil
 }
 func (m *AzureConfigurationKeyvault) validateEndpoint(formats strfmt.Registry) error {
 	if err := validate.Required("keyvault"+"."+"endpoint", "body", m.Endpoint); err != nil {
 		return err
 	}
 	return nil
 }
 // ContextValidate validate this azure configuration keyvault based on the context it is used
 func (m *AzureConfigurationKeyvault) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateCredentials(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AzureConfigurationKeyvault) contextValidateCredentials(ctx context.Context, formats strfmt.Registry) error {
 	if m.Credentials != nil {
 		if err := m.Credentials.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("keyvault" + "." + "credentials")
 			}
 			return err
 		}
 	}
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AzureConfigurationKeyvault) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AzureConfigurationKeyvault) UnmarshalBinary(b []byte) error {
 	var res AzureConfigurationKeyvault
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
 // AzureConfigurationKeyvaultCredentials azure configuration keyvault credentials
 //
 // swagger:model AzureConfigurationKeyvaultCredentials
 type AzureConfigurationKeyvaultCredentials struct {
 	// client id
 	// Required: true
 	ClientID *string `json:"client_id"`
 	// client secret
 	// Required: true
 	ClientSecret *string `json:"client_secret"`
 	// tenant id
 	// Required: true
 	TenantID *string `json:"tenant_id"`
 }
 // Validate validates this azure configuration keyvault credentials
 func (m *AzureConfigurationKeyvaultCredentials) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateClientID(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateClientSecret(formats); err != nil {
 		res = append(res, err)
 	}
 	if err := m.validateTenantID(formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
 func (m *AzureConfigurationKeyvaultCredentials) validateClientID(formats strfmt.Registry) error {
 	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_id", "body", m.ClientID); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AzureConfigurationKeyvaultCredentials) validateClientSecret(formats strfmt.Registry) error {
 	if err := validate.Required("keyvault"+"."+"credentials"+"."+"client_secret", "body", m.ClientSecret); err != nil {
 		return err
 	}
 	return nil
 }
 func (m *AzureConfigurationKeyvaultCredentials) validateTenantID(formats strfmt.Registry) error {
 	if err := validate.Required("keyvault"+"."+"credentials"+"."+"tenant_id", "body", m.TenantID); err != nil {
 		return err
 	}
 	return nil
 }
 // ContextValidate validates this azure configuration keyvault credentials based on context it is used
 func (m *AzureConfigurationKeyvaultCredentials) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *AzureConfigurationKeyvaultCredentials) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *AzureConfigurationKeyvaultCredentials) UnmarshalBinary(b []byte) error {
 	var res AzureConfigurationKeyvaultCredentials
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/backend_properties.go
+++ b/models/backend_properties.go
@@ -0,0 +1,79 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
 // Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 //
 package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // BackendProperties backend properties
 //
 // swagger:model BackendProperties
 type BackendProperties struct {
 	// backend type
 	BackendType string `json:"backendType,omitempty"`
 	// offline drives
 	OfflineDrives int64 `json:"offlineDrives,omitempty"`
 	// online drives
 	OnlineDrives int64 `json:"onlineDrives,omitempty"`
 	// rr s c parity
 	RrSCParity int64 `json:"rrSCParity,omitempty"`
 	// standard s c parity
 	StandardSCParity int64 `json:"standardSCParity,omitempty"`
 }
 // Validate validates this backend properties
 func (m *BackendProperties) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this backend properties based on context it is used
 func (m *BackendProperties) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *BackendProperties) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *BackendProperties) UnmarshalBinary(b []byte) error {
 	var res BackendProperties
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/models/bucket.go
+++ b/models/bucket.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -43,6 +43,9 @@ type Bucket struct {
 	// creation date
 	CreationDate string `json:"creation_date,omitempty"`
 	// definition
 	Definition string `json:"definition,omitempty"`
 	// details
 	Details *BucketDetails `json:"details,omitempty"`
@@ -96,6 +99,8 @@ func (m *Bucket) validateAccess(formats strfmt.Registry) error {
 		if err := m.Access.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("access")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("access")
 			}
 			return err
 		}
@@ -113,6 +118,8 @@ func (m *Bucket) validateDetails(formats strfmt.Registry) error {
 		if err := m.Details.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("details")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("details")
 			}
 			return err
 		}
@@ -143,6 +150,8 @@ func (m *Bucket) validateRwAccess(formats strfmt.Registry) error {
 		if err := m.RwAccess.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("rw_access")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("rw_access")
 			}
 			return err
 		}
@@ -179,6 +188,8 @@ func (m *Bucket) contextValidateAccess(ctx context.Context, formats strfmt.Regis
 		if err := m.Access.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("access")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("access")
 			}
 			return err
 		}
@@ -193,6 +204,8 @@ func (m *Bucket) contextValidateDetails(ctx context.Context, formats strfmt.Regi
 		if err := m.Details.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("details")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("details")
 			}
 			return err
 		}
@@ -207,6 +220,8 @@ func (m *Bucket) contextValidateRwAccess(ctx context.Context, formats strfmt.Reg
 		if err := m.RwAccess.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("rw_access")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("rw_access")
 			}
 			return err
 		}
@@ -280,6 +295,8 @@ func (m *BucketDetails) validateQuota(formats strfmt.Registry) error {
 		if err := m.Quota.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("details" + "." + "quota")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("details" + "." + "quota")
 			}
 			return err
 		}
@@ -308,6 +325,8 @@ func (m *BucketDetails) contextValidateQuota(ctx context.Context, formats strfmt
 		if err := m.Quota.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("details" + "." + "quota")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("details" + "." + "quota")
 			}
 			return err
 		}
@@ -343,7 +362,7 @@ type BucketDetailsQuota struct {
 	Quota int64 `json:"quota,omitempty"`
 	// type
-	// Enum: [fifo hard]
+	// Enum: [hard]
 	Type string `json:"type,omitempty"`
 }
@@ -365,7 +384,7 @@ var bucketDetailsQuotaTypeTypePropEnum []interface{}
 func init() {
 	var res []string
-	if err := json.Unmarshal([]byte(`["fifo","hard"]`), &res); err != nil {
+	if err := json.Unmarshal([]byte(`["hard"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
@@ -375,9 +394,6 @@ func init() {
 const (
 	// BucketDetailsQuotaTypeFifo captures enum value "fifo"
 	BucketDetailsQuotaTypeFifo string = "fifo"
 	// BucketDetailsQuotaTypeHard captures enum value "hard"
 	BucketDetailsQuotaTypeHard string = "hard"
 )
--- a/models/bucket_access.go
+++ b/models/bucket_access.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -37,8 +37,12 @@ import (
 type BucketAccess string
 func NewBucketAccess(value BucketAccess) *BucketAccess {
-	v := value
+	return &value
-	return &v
+}
 // Pointer returns a pointer to a freshly-allocated BucketAccess.
 func (m BucketAccess) Pointer() *BucketAccess {
 	return &m
 }
 const (
--- a/models/bucket_encryption_info.go
+++ b/models/bucket_encryption_info.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
--- a/models/bucket_encryption_request.go
+++ b/models/bucket_encryption_request.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -65,6 +65,8 @@ func (m *BucketEncryptionRequest) validateEncType(formats strfmt.Registry) error
 		if err := m.EncType.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encType")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("encType")
 			}
 			return err
 		}
@@ -93,6 +95,8 @@ func (m *BucketEncryptionRequest) contextValidateEncType(ctx context.Context, fo
 		if err := m.EncType.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
 				return ve.ValidateName("encType")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
 				return ce.ValidateName("encType")
 			}
 			return err
 		}
--- a/models/bucket_encryption_type.go
+++ b/models/bucket_encryption_type.go
@@ -1,7 +1,7 @@
 // Code generated by go-swagger; DO NOT EDIT.
 // This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
+// Copyright (c) 2023 MinIO, Inc.
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
@@ -37,8 +37,12 @@ import (
 type BucketEncryptionType string
 func NewBucketEncryptionType(value BucketEncryptionType) *BucketEncryptionType {
-	v := value
+	return &value
-	return &v
+}
 // Pointer returns a pointer to a freshly-allocated BucketEncryptionType.
 func (m BucketEncryptionType) Pointer() *BucketEncryptionType {
 	return &m
 }
 const (
--- a/Show More
+++ b/Show More