Release v0.22.2 (#2495 )

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
Updated mds & fixed blank pages on login (#2494 )
2022-12-09 16:42:57 -08:00 · 2022-12-09 14:24:58 -08:00 · 2022-12-09 14:13:10 -08:00 · 2022-12-09 11:18:19 -08:00 · 2022-12-08 07:54:21 -08:00 · 2022-12-07 20:01:09 -06:00
1699 changed files with 59445 additions and 16394 deletions
--- a/.github/workflows/jobs.yaml
+++ b/.github/workflows/jobs.yaml
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -5,50 +5,45 @@ linters-settings:
  misspell:
    locale: US

+  goheader:
+    values:
+      regexp:
+        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
+    template-path: .license.tmpl
+
 linters:
  disable-all: true
  enable:
-    - typecheck
    - goimports
    - misspell
    - govet
    - revive
    - ineffassign
    - gosimple
-    - deadcode
-    - structcheck
    - gomodguard
    - gofmt
    - unused
-    - structcheck
    - unconvert
    - varcheck
    - gocritic
    - gofumpt
-    - tenv
    - durationcheck

-linters-settings:
-  goheader:
-    values:
-      regexp:
-        copyright-holder: Copyright \(c\) (20\d\d\-20\d\d)|2021|({{year}})
-    template-path: .license.tmpl
-
 service:
  golangci-lint-version: 1.43.0 # use the fixed version to not introduce new linters unexpectedly

 issues:
  exclude-use-default: false
  exclude:
-      - should have a package comment
-      # TODO(y4m4): Remove once all exported ident. have comments!      
-      - comment on exported function
-      - comment on exported type
-      - should have comment
-      - use leading k in Go names
-      - comment on exported const
+    - should have a package comment
+    # TODO(y4m4): Remove once all exported ident. have comments!
+    - comment on exported function
+    - comment on exported type
+    - should have comment
+    - use leading k in Go names
+    - comment on exported const
 run:
  skip-dirs:
    - pkg/clientgen
    - pkg/apis/networking.gke.io
+    - restapi/operations
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -13,7 +13,7 @@ release:
 before:
  hooks:
    # you may remove this if you don't use vgo
-    - go mod tidy -compat=1.17
+    - go mod tidy -compat=1.18

 builds:
  -
--- a/.nvmrc
+++ b/.nvmrc
@@ -0,0 +1 @@
+17
--- a/2768
+++ b/2768
--- a/3
+++ b/3
@@ -1,4 +1,5 @@
-FROM node:17 as uilayer
+ARG NODE_VERSION
+FROM node:$NODE_VERSION as uilayer

 WORKDIR /app

--- a/Dockerfile.assets
+++ b/Dockerfile.assets
@@ -1,4 +1,5 @@
-FROM node:17 as uilayer
+ARG NODE_VERSION
+FROM node:$NODE_VERSION as uilayer

 WORKDIR /app

--- a/Dockerfile.release
+++ b/Dockerfile.release
@@ -1,4 +1,4 @@
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.5
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6

 ARG TAG

--- a/21
+++ b/21
@@ -6,6 +6,7 @@ BUILD_TIME:=$(shell date 2>/dev/null)
 TAG ?= "minio/console:$(BUILD_VERSION)-dev"
 MINIO_VERSION ?= "quay.io/minio/minio:latest"
 TARGET_BUCKET ?= "target"
+NODE_VERSION := $(shell cat .nvmrc)

 default: console

@@ -15,22 +16,19 @@ console:
 	@(GO111MODULE=on CGO_ENABLED=0 go build -trimpath --tags=kqueue,operator --ldflags "-s -w" -o console ./cmd/console)

 k8sdev:
-	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker build -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' --build-arg NODE_VERSION='$(NODE_VERSION)' .
 	@kind load docker-image $(TAG)
 	@echo "Done, now restart your console deployment"

 getdeps:
 	@mkdir -p ${GOPATH}/bin
-	@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.45.2
+	@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin

 verifiers: getdeps fmt lint

 fmt:
 	@echo "Running $@ check"
-	@GO111MODULE=on gofmt -d restapi/
-	@GO111MODULE=on gofmt -d pkg/
-	@GO111MODULE=on gofmt -d cmd/
-	@GO111MODULE=on gofmt -d cluster/
+	@(env bash $(PWD)/verify-gofmt.sh)

 crosscompile:
 	@(env bash $(PWD)/cross-compile.sh $(arg1))
@@ -45,9 +43,13 @@ install: console
 	@mkdir -p $(GOPATH)/bin && cp -f $(PWD)/console $(GOPATH)/bin/console
 	@echo "Installation successful. To learn more, try \"console --help\"."

-swagger-gen: clean-swagger swagger-console swagger-operator
+swagger-gen: clean-swagger swagger-console swagger-operator apply-gofmt
 	@echo "Done Generating swagger server code from yaml"

+apply-gofmt:
+	@echo "Applying gofmt to all generated an existing files"
+	@GO111MODULE=on gofmt -w .
+
 clean-swagger:
 	@echo "cleaning"
 	@rm -rf models
@@ -63,7 +65,8 @@ swagger-operator:
 	@swagger generate server -A operator --main-package=operator --server-package=operatorapi --exclude-main -P models.Principal -f ./swagger-operator.yml -r NOTICE

 assets:
-	@(cd portal-ui; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)
+	@(if [ -f "${NVM_DIR}/nvm.sh" ]; then \. "${NVM_DIR}/nvm.sh" && nvm install && nvm use && npm install -g yarn ; fi &&\
+	  cd portal-ui; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)

 test-integration:
 	@(docker stop pgsqlcontainer || true)
@@ -261,7 +264,7 @@ clean:
 	@rm -vf console

 docker:
-	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' .
+	@docker buildx build --output=type=docker --platform linux/amd64 -t $(TAG) --build-arg build_version=$(BUILD_VERSION) --build-arg build_time='$(BUILD_TIME)' --build-arg NODE_VERSION='$(NODE_VERSION)' .

 release: swagger-gen
 	@echo "Generating Release: $(RELEASE)"
--- a/README.md
+++ b/README.md
@@ -54,7 +54,7 @@ docker pull minio/console

 ### Build from source
 > You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
-> Minimum version required is go1.17
+> Minimum version required is go1.18

 ```
 go install github.com/minio/console/cmd/console@latest
--- a/cluster/cluster.go
+++ b/cluster/cluster.go
@@ -17,6 +17,7 @@
 package cluster

 import (
+	directpvclient "github.com/minio/directpv/pkg/client"
 	operator "github.com/minio/operator/pkg/client/clientset/versioned"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
@@ -63,3 +64,13 @@ func OperatorClient(token string) (*operator.Clientset, error) {
 func K8sClient(token string) (*kubernetes.Clientset, error) {
 	return kubernetes.NewForConfig(GetK8sConfig(token))
 }
+
+// DirectPV interfaces  required to fetch information
+
+func DirectPVDriveInterface(token string) (*directpvclient.DirectCSIDriveInterface, error) {
+	return directpvclient.DirectCSIDriveInterfaceForConfig(GetK8sConfig(token))
+}
+
+func DirectPVVolumeInterface(token string) (*directpvclient.DirectCSIVolumeInterface, error) {
+	return directpvclient.DirectCSIVolumeInterfaceForConfig(GetK8sConfig(token))
+}
--- a/go.mod
+++ b/go.mod
@@ -1,104 +1,128 @@
 module github.com/minio/console

-go 1.17
+go 1.18

 require (
 	github.com/blang/semver/v4 v4.0.0
-	github.com/cheggaaa/pb/v3 v3.0.8
+	github.com/cheggaaa/pb/v3 v3.1.0
 	github.com/dustin/go-humanize v1.0.0
 	github.com/fatih/color v1.13.0
-	github.com/go-openapi/errors v0.20.2
-	github.com/go-openapi/loads v0.21.1
-	github.com/go-openapi/runtime v0.23.3
-	github.com/go-openapi/spec v0.20.5
-	github.com/go-openapi/strfmt v0.21.2
-	github.com/go-openapi/swag v0.21.1
-	github.com/go-openapi/validate v0.21.0
-	github.com/golang-jwt/jwt/v4 v4.4.1
+	github.com/go-openapi/errors v0.20.3
+	github.com/go-openapi/loads v0.21.2
+	github.com/go-openapi/runtime v0.24.2
+	github.com/go-openapi/spec v0.20.7
+	github.com/go-openapi/strfmt v0.21.3
+	github.com/go-openapi/swag v0.22.3
+	github.com/go-openapi/validate v0.22.0
+	github.com/golang-jwt/jwt/v4 v4.4.2
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/websocket v1.5.0
 	github.com/jessevdk/go-flags v1.5.0
-	github.com/klauspost/compress v1.15.1
-	github.com/minio/cli v1.22.0
+	github.com/klauspost/compress v1.15.12
+	github.com/minio/cli v1.24.0
+	github.com/minio/directpv v1.4.4-0.20220805090942-948ca4731651
 	github.com/minio/highwayhash v1.0.2
-	github.com/minio/kes v0.19.2
-	github.com/minio/madmin-go v1.4.3
-	github.com/minio/mc v0.0.0-20220705180830-01b87ecc02ff
-	github.com/minio/minio-go/v7 v7.0.30
-	github.com/minio/operator v0.0.0-20220414212219-ba4c097324b2
-	github.com/minio/pkg v1.1.23
-	github.com/minio/selfupdate v0.4.0
+	github.com/minio/kes v0.22.0
+	github.com/minio/madmin-go/v2 v2.0.0
+	github.com/minio/mc v0.0.0-20221201184114-854b4f123f03
+	github.com/minio/minio-go/v7 v7.0.44
+	github.com/minio/operator v0.0.0-20220902184351-21e4073132b0
+	github.com/minio/pkg v1.5.5
+	github.com/minio/selfupdate v0.5.0
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/rs/xid v1.4.0
 	github.com/secure-io/sio-go v0.3.1
-	github.com/stretchr/testify v1.7.1
-	github.com/tidwall/gjson v1.14.0
-	github.com/unrolled/secure v1.10.0
-	golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e
-	golang.org/x/net v0.0.0-20220421235706-1d1ef9303861
-	golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5
+	github.com/stretchr/testify v1.8.1
+	github.com/tidwall/gjson v1.14.3
+	github.com/unrolled/secure v1.13.0
+	golang.org/x/crypto v0.3.0
+	golang.org/x/net v0.2.0
+	golang.org/x/oauth2 v0.2.0
+	// Added to include security fix for
+	// https://github.com/golang/go/issues/56152
+	golang.org/x/text v0.4.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.23.5
-	k8s.io/apimachinery v0.23.5
-	k8s.io/client-go v0.23.5
-	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9
+	k8s.io/api v0.25.4
+	k8s.io/apimachinery v0.25.4
+	k8s.io/client-go v0.25.4
+	k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2
 )

 require (
+	aead.dev/mem v0.2.0 // indirect
+	cloud.google.com/go/compute v1.7.0 // indirect
+	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
+	github.com/Azure/go-autorest/autorest v0.11.27 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect
+	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
+	github.com/Azure/go-autorest/logger v0.2.1 // indirect
+	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
 	github.com/VividCortex/ewma v1.2.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
+	github.com/aymanbagabas/go-osc52 v1.2.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
-	github.com/charmbracelet/bubbles v0.10.3 // indirect
-	github.com/charmbracelet/bubbletea v0.20.0 // indirect
-	github.com/charmbracelet/lipgloss v0.5.0 // indirect
+	github.com/charmbracelet/bubbles v0.14.0 // indirect
+	github.com/charmbracelet/bubbletea v0.22.1 // indirect
+	github.com/charmbracelet/lipgloss v0.6.0 // indirect
 	github.com/cheggaaa/pb v1.0.29 // indirect
 	github.com/containerd/console v1.0.3 // indirect
 	github.com/coreos/go-semver v0.3.0 // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/coreos/go-systemd/v22 v22.4.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.8.0 // indirect
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
 	github.com/fatih/structs v1.1.0 // indirect
+	github.com/fsnotify/fsnotify v1.5.1 // indirect
 	github.com/gdamore/encoding v1.0.0 // indirect
-	github.com/gdamore/tcell/v2 v2.4.1-0.20210905002822-f057f0a857a1 // indirect
-	github.com/go-logr/logr v1.2.2 // indirect
+	github.com/gdamore/tcell/v2 v2.5.3 // indirect
+	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/go-openapi/analysis v0.21.2 // indirect
+	github.com/go-openapi/analysis v0.21.4 // indirect
 	github.com/go-openapi/jsonpointer v0.19.5 // indirect
 	github.com/go-openapi/jsonreference v0.20.0 // indirect
-	github.com/go-stack/stack v1.8.1 // indirect
-	github.com/goccy/go-json v0.9.4 // indirect
+	github.com/goccy/go-json v0.9.11 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/go-cmp v0.5.7 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/googleapis/gnostic v0.5.5 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.12 // indirect
+	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/jedib0t/go-pretty/v6 v6.3.8 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.0.11 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.1 // indirect
+	github.com/kr/pretty v0.2.1 // indirect
 	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
-	github.com/lestrrat-go/httpcc v1.0.0 // indirect
-	github.com/lestrrat-go/iter v1.0.1 // indirect
-	github.com/lestrrat-go/jwx v1.2.19 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.1 // indirect
+	github.com/lestrrat-go/httpcc v1.0.1 // indirect
+	github.com/lestrrat-go/iter v1.0.2 // indirect
+	github.com/lestrrat-go/jwx v1.2.25 // indirect
 	github.com/lestrrat-go/option v1.0.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
-	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20220913051719-115f729f3c8c // indirect
+	github.com/magiconair/properties v1.8.5 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/mattn/go-colorable v0.1.12 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-ieproxy v0.0.1 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
-	github.com/mattn/go-runewidth v0.0.13 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
-	github.com/minio/colorjson v1.0.2 // indirect
+	github.com/mattn/go-isatty v0.0.16 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.14 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
+	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
+	github.com/miekg/dns v1.1.48 // indirect
+	github.com/minio/colorjson v1.0.4 // indirect
 	github.com/minio/filepath v1.0.0 // indirect
+	github.com/minio/madmin-go v1.7.5 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
 	github.com/minio/sha256-simd v1.0.0 // indirect
 	github.com/mitchellh/mapstructure v1.4.3 // indirect
@@ -106,57 +130,68 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/montanaflynn/stats v0.6.6 // indirect
 	github.com/muesli/ansi v0.0.0-20211031195517-c9f0611b6c70 // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
-	github.com/muesli/termenv v0.11.1-0.20220212125758-44cd13922739 // indirect
-	github.com/navidys/tvxwidgets v0.1.0 // indirect
+	github.com/muesli/termenv v0.13.0 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/navidys/tvxwidgets v0.1.1 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
+	github.com/pelletier/go-toml v1.9.4 // indirect
 	github.com/philhofer/fwd v1.1.2-0.20210722190033-5c56ac6d0bb9 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pkg/xattr v0.4.5 // indirect
+	github.com/pkg/xattr v0.4.9 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/posener/complete v1.2.3 // indirect
 	github.com/power-devops/perfstat v0.0.0-20220216144756-c35f1ee13d7c // indirect
-	github.com/prometheus/client_golang v1.12.1 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.33.0 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
-	github.com/prometheus/prom2json v1.3.1 // indirect
-	github.com/rivo/tview v0.0.0-20220216162559-96063d6082f3 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/prometheus/client_golang v1.13.0 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/prometheus/prom2json v1.3.2 // indirect
+	github.com/rivo/tview v0.0.0-20220916081518-2e69b7385a37 // indirect
+	github.com/rivo/uniseg v0.4.2 // indirect
 	github.com/rjeczalik/notify v0.9.2 // indirect
-	github.com/shirou/gopsutil/v3 v3.22.2 // indirect
-	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/shirou/gopsutil/v3 v3.22.9 // indirect
+	github.com/sirupsen/logrus v1.9.0 // indirect
+	github.com/spf13/afero v1.6.0 // indirect
+	github.com/spf13/cast v1.4.1 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/spf13/viper v1.10.0 // indirect
+	github.com/subosito/gotenv v1.2.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
-	github.com/tidwall/pretty v1.2.0 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tinylib/msgp v1.1.7-0.20211026165309-e818a1881b0e // indirect
-	github.com/tklauser/go-sysconf v0.3.10 // indirect
-	github.com/tklauser/numcpus v0.4.0 // indirect
+	github.com/tklauser/go-sysconf v0.3.11 // indirect
+	github.com/tklauser/numcpus v0.6.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	go.etcd.io/etcd/api/v3 v3.5.2 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.5.2 // indirect
-	go.etcd.io/etcd/client/v3 v3.5.2 // indirect
-	go.mongodb.org/mongo-driver v1.8.4 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.5 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.5 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.5 // indirect
+	go.mongodb.org/mongo-driver v1.10.0 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
 	go.uber.org/multierr v1.8.0 // indirect
-	go.uber.org/zap v1.21.0 // indirect
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
-	golang.org/x/sys v0.0.0-20220412211240-33da011f77ad // indirect
-	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	go.uber.org/zap v1.23.0 // indirect
+	golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
+	golang.org/x/sync v0.1.0 // indirect
+	golang.org/x/sys v0.2.0 // indirect
+	golang.org/x/term v0.2.0 // indirect
 	golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
+	golang.org/x/tools v0.1.12 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20220302033224-9aa15565e42a // indirect
-	google.golang.org/grpc v1.44.0 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	google.golang.org/genproto v0.0.0-20221018160656-63c7b68cfc55 // indirect
+	google.golang.org/grpc v1.50.1 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/ini.v1 v1.66.4 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/klog/v2 v2.40.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20220124234850-424119656bbf // indirect
+	k8s.io/apiextensions-apiserver v0.24.3 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
 	sigs.k8s.io/controller-runtime v0.11.1 // indirect
-	sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
+	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
--- a/integration/login_test.go
+++ b/integration/login_test.go
@@ -116,8 +116,8 @@ func TestLogout(t *testing.T) {
 		log.Println("authentication token not found in cookies response")
 		return
 	}
-
-	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", requestDataBody)
+	logoutRequest := bytes.NewReader([]byte("{}"))
+	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", logoutRequest)
 	if err != nil {
 		log.Println(err)
 		return
@@ -126,7 +126,6 @@ func TestLogout(t *testing.T) {
 	request.Header.Add("Content-Type", "application/json")

 	response, err = client.Do(request)
-
 	assert.NotNil(response, "Logout response is nil")
 	assert.Nil(err, "Logout errored out")
 	assert.Equal(response.StatusCode, 200)
@@ -157,7 +156,7 @@ func TestBadLogin(t *testing.T) {

 	response, err := client.Do(request)

-	assert.Equal(response.StatusCode, 500, "Login request not rejected")
+	assert.Equal(401, response.StatusCode, "Login request not rejected")
 	assert.NotNil(response, "Login response is  nil")
 	assert.Nil(err, "Login errored out")
 }
--- a/integration/profiling_test.go
+++ b/integration/profiling_test.go
@@ -20,18 +20,16 @@ import (
 	"archive/zip"
 	"bytes"
 	"fmt"
-	"io"
 	"log"
 	"net/http"
-	"strings"
 	"testing"
-	"time"

+	"github.com/gorilla/websocket"
 	"github.com/stretchr/testify/assert"
 )

 func TestStartProfiling(t *testing.T) {
-	testAsser := assert.New(t)
+	testAssert := assert.New(t)

 	tests := []struct {
 		name string
@@ -58,53 +56,28 @@ func TestStartProfiling(t *testing.T) {
 				"profile-127.0.0.1:9000-mutex-before.pprof":            false,
 			}

-			client := &http.Client{
-				Timeout: 3 * time.Second,
-			}
+			wsDestination := "/ws/profile?types=cpu,mem,block,mutex,trace,threads,goroutines"
+			wsFinalURL := fmt.Sprintf("ws://localhost:9090%s", wsDestination)

-			destination := "/api/v1/profiling/start"
-			finalURL := fmt.Sprintf("http://localhost:9090%s", destination)
-			request, err := http.NewRequest("POST", finalURL, strings.NewReader("{\"type\":\"cpu,mem,block,mutex,trace,threads,goroutines\"}"))
+			ws, _, err := websocket.DefaultDialer.Dial(wsFinalURL, nil)
+			if err != nil {
+				log.Println(err)
+				return
+			}
+			defer ws.Close()
+
+			_, zipFileBytes, err := ws.ReadMessage()
 			if err != nil {
 				log.Println(err)
 				return
 			}

-			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-			request.Header.Add("Content-Type", "application/json")
-
-			response, err := client.Do(request)
-
-			testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			testAsser.Equal(201, response.StatusCode)
-
-			time.Sleep(5 * time.Second)
-
-			destination = "/api/v1/profiling/stop"
-			finalURL = fmt.Sprintf("http://localhost:9090%s", destination)
-			request, err = http.NewRequest("POST", finalURL, nil)
-			if err != nil {
-				log.Println(err)
-				return
-			}
-
-			request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
-			request.Header.Add("Content-Type", "application/json")
-
-			response, err = client.Do(request)
-
-			testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			testAsser.Equal(200, response.StatusCode)
-			zipFileBytes, err := io.ReadAll(response.Body)
-			if err != nil {
-				testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
-			}
 			filetype := http.DetectContentType(zipFileBytes)
-			testAsser.Equal("application/zip", filetype)
+			testAssert.Equal("application/zip", filetype)

 			zipReader, err := zip.NewReader(bytes.NewReader(zipFileBytes), int64(len(zipFileBytes)))
 			if err != nil {
-				testAsser.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
+				testAssert.Nil(err, fmt.Sprintf("%s returned an error: %v", tt.name, err))
 			}

 			// Read all the files from zip archive
@@ -113,7 +86,7 @@ func TestStartProfiling(t *testing.T) {
 			}

 			for k, v := range files {
-				testAsser.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
+				testAssert.Equal(true, v, fmt.Sprintf("%s : compressed file expected to have %v file inside", tt.name, k))
 			}
 		})
 	}
--- a/k8s/metrics-dev.yaml
+++ b/k8s/metrics-dev.yaml
@@ -149,5 +149,5 @@ spec:
            - name: tmp-dir
              mountPath: /tmp
      nodeSelector:
-        beta.kubernetes.io/os: linux
+        kubernetes.io/os: linux
        kubernetes.io/arch: "amd64"
--- a/k8s/operator-console/base/console-deployment.yaml
+++ b/k8s/operator-console/base/console-deployment.yaml
@@ -15,7 +15,7 @@ spec:
      serviceAccountName: console-sa
      containers:
        - name: console
-          image: 'minio/console:v0.19.1'
+          image: 'minio/console:v0.22.2'
          imagePullPolicy: "IfNotPresent"
          env:
            - name: CONSOLE_OPERATOR_MODE
--- a/k8s/operator-console/standalone/console-deployment.yaml
+++ b/k8s/operator-console/standalone/console-deployment.yaml
@@ -32,7 +32,7 @@ spec:
    spec:
      containers:
        - name: console
-          image: 'minio/console:v0.19.1'
+          image: 'minio/console:v0.22.2'
          imagePullPolicy: "IfNotPresent"
          env:
            - name: CONSOLE_MINIO_SERVER
--- a/models/admin_info_response.go
+++ b/models/admin_info_response.go
@@ -24,11 +24,13 @@ package models

 import (
 	"context"
+	"encoding/json"
 	"strconv"

 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
 )

 // AdminInfoResponse admin info response
@@ -36,15 +38,19 @@ import (
 // swagger:model adminInfoResponse
 type AdminInfoResponse struct {

+	// advanced metrics status
+	// Enum: [not configured available unavailable]
+	AdvancedMetricsStatus string `json:"advancedMetricsStatus,omitempty"`
+
+	// backend
+	Backend *BackendProperties `json:"backend,omitempty"`
+
 	// buckets
 	Buckets int64 `json:"buckets,omitempty"`

 	// objects
 	Objects int64 `json:"objects,omitempty"`

-	// prometheus not ready
-	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
-
 	// servers
 	Servers []*ServerProperties `json:"servers"`

@@ -59,6 +65,14 @@ type AdminInfoResponse struct {
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	var res []error

+	if err := m.validateAdvancedMetricsStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateBackend(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateServers(formats); err != nil {
 		res = append(res, err)
 	}
@@ -73,6 +87,70 @@ func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }

+var adminInfoResponseTypeAdvancedMetricsStatusPropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["not configured","available","unavailable"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		adminInfoResponseTypeAdvancedMetricsStatusPropEnum = append(adminInfoResponseTypeAdvancedMetricsStatusPropEnum, v)
+	}
+}
+
+const (
+
+	// AdminInfoResponseAdvancedMetricsStatusNotConfigured captures enum value "not configured"
+	AdminInfoResponseAdvancedMetricsStatusNotConfigured string = "not configured"
+
+	// AdminInfoResponseAdvancedMetricsStatusAvailable captures enum value "available"
+	AdminInfoResponseAdvancedMetricsStatusAvailable string = "available"
+
+	// AdminInfoResponseAdvancedMetricsStatusUnavailable captures enum value "unavailable"
+	AdminInfoResponseAdvancedMetricsStatusUnavailable string = "unavailable"
+)
+
+// prop value enum
+func (m *AdminInfoResponse) validateAdvancedMetricsStatusEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, adminInfoResponseTypeAdvancedMetricsStatusPropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *AdminInfoResponse) validateAdvancedMetricsStatus(formats strfmt.Registry) error {
+	if swag.IsZero(m.AdvancedMetricsStatus) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateAdvancedMetricsStatusEnum("advancedMetricsStatus", "body", m.AdvancedMetricsStatus); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AdminInfoResponse) validateBackend(formats strfmt.Registry) error {
+	if swag.IsZero(m.Backend) { // not required
+		return nil
+	}
+
+	if m.Backend != nil {
+		if err := m.Backend.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("backend")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("backend")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
 	if swag.IsZero(m.Servers) { // not required
 		return nil
@@ -129,6 +207,10 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

+	if err := m.contextValidateBackend(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateServers(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -143,6 +225,22 @@ func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.
 	return nil
 }

+func (m *AdminInfoResponse) contextValidateBackend(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Backend != nil {
+		if err := m.Backend.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("backend")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("backend")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats strfmt.Registry) error {

 	for i := 0; i < len(m.Servers); i++ {
--- a/models/api_key.go
+++ b/models/api_key.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// APIKey api key
+//
+// swagger:model apiKey
+type APIKey struct {
+
+	// api key
+	APIKey string `json:"apiKey,omitempty"`
+}
+
+// Validate validates this api key
+func (m *APIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this api key based on context it is used
+func (m *APIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *APIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *APIKey) UnmarshalBinary(b []byte) error {
+	var res APIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/backend_properties.go
+++ b/models/backend_properties.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BackendProperties backend properties
+//
+// swagger:model BackendProperties
+type BackendProperties struct {
+
+	// backend type
+	BackendType string `json:"backendType,omitempty"`
+
+	// rr s c parity
+	RrSCParity int64 `json:"rrSCParity,omitempty"`
+
+	// standard s c parity
+	StandardSCParity int64 `json:"standardSCParity,omitempty"`
+}
+
+// Validate validates this backend properties
+func (m *BackendProperties) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this backend properties based on context it is used
+func (m *BackendProperties) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BackendProperties) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BackendProperties) UnmarshalBinary(b []byte) error {
+	var res BackendProperties
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/create_tenant_request.go
+++ b/models/create_tenant_request.go
@@ -58,6 +58,9 @@ type CreateTenantRequest struct {
 	// encryption
 	Encryption *EncryptionConfiguration `json:"encryption,omitempty"`

+	// environment variables
+	EnvironmentVariables []*EnvironmentVariable `json:"environmentVariables"`
+
 	// erasure coding parity
 	ErasureCodingParity int64 `json:"erasureCodingParity,omitempty"`

@@ -85,8 +88,8 @@ type CreateTenantRequest struct {
 	// log search configuration
 	LogSearchConfiguration *LogSearchConfiguration `json:"logSearchConfiguration,omitempty"`

-	// mounth path
-	MounthPath string `json:"mounth_path,omitempty"`
+	// mount path
+	MountPath string `json:"mount_path,omitempty"`

 	// name
 	// Required: true
@@ -123,6 +126,10 @@ func (m *CreateTenantRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateEnvironmentVariables(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateIdp(formats); err != nil {
 		res = append(res, err)
 	}
@@ -199,6 +206,32 @@ func (m *CreateTenantRequest) validateEncryption(formats strfmt.Registry) error
 	return nil
 }

+func (m *CreateTenantRequest) validateEnvironmentVariables(formats strfmt.Registry) error {
+	if swag.IsZero(m.EnvironmentVariables) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.EnvironmentVariables); i++ {
+		if swag.IsZero(m.EnvironmentVariables[i]) { // not required
+			continue
+		}
+
+		if m.EnvironmentVariables[i] != nil {
+			if err := m.EnvironmentVariables[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *CreateTenantRequest) validateIdp(formats strfmt.Registry) error {
 	if swag.IsZero(m.Idp) { // not required
 		return nil
@@ -355,6 +388,10 @@ func (m *CreateTenantRequest) ContextValidate(ctx context.Context, formats strfm
 		res = append(res, err)
 	}

+	if err := m.contextValidateEnvironmentVariables(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateIdp(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -417,6 +454,26 @@ func (m *CreateTenantRequest) contextValidateEncryption(ctx context.Context, for
 	return nil
 }

+func (m *CreateTenantRequest) contextValidateEnvironmentVariables(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.EnvironmentVariables); i++ {
+
+		if m.EnvironmentVariables[i] != nil {
+			if err := m.EnvironmentVariables[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *CreateTenantRequest) contextValidateIdp(ctx context.Context, formats strfmt.Registry) error {

 	if m.Idp != nil {
--- a/models/direct_c_s_i_drive_info.go
+++ b/models/direct_c_s_i_drive_info.go
@@ -29,10 +29,10 @@ import (
 	"github.com/go-openapi/swag"
 )

-// DirectCSIDriveInfo direct c s i drive info
+// DirectPVDriveInfo direct p v drive info
 //
-// swagger:model directCSIDriveInfo
-type DirectCSIDriveInfo struct {
+// swagger:model directPVDriveInfo
+type DirectPVDriveInfo struct {

 	// allocated
 	Allocated int64 `json:"allocated,omitempty"`
@@ -56,18 +56,18 @@ type DirectCSIDriveInfo struct {
 	Volumes int64 `json:"volumes,omitempty"`
 }

-// Validate validates this direct c s i drive info
-func (m *DirectCSIDriveInfo) Validate(formats strfmt.Registry) error {
+// Validate validates this direct p v drive info
+func (m *DirectPVDriveInfo) Validate(formats strfmt.Registry) error {
 	return nil
 }

-// ContextValidate validates this direct c s i drive info based on context it is used
-func (m *DirectCSIDriveInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validates this direct p v drive info based on context it is used
+func (m *DirectPVDriveInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }

 // MarshalBinary interface implementation
-func (m *DirectCSIDriveInfo) MarshalBinary() ([]byte, error) {
+func (m *DirectPVDriveInfo) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -75,8 +75,8 @@ func (m *DirectCSIDriveInfo) MarshalBinary() ([]byte, error) {
 }

 // UnmarshalBinary interface implementation
-func (m *DirectCSIDriveInfo) UnmarshalBinary(b []byte) error {
-	var res DirectCSIDriveInfo
+func (m *DirectPVDriveInfo) UnmarshalBinary(b []byte) error {
+	var res DirectPVDriveInfo
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/models/direct_c_s_i_volume_info.go
+++ b/models/direct_c_s_i_volume_info.go
@@ -29,10 +29,10 @@ import (
 	"github.com/go-openapi/swag"
 )

-// DirectCSIVolumeInfo direct c s i volume info
+// DirectPVVolumeInfo direct p v volume info
 //
-// swagger:model directCSIVolumeInfo
-type DirectCSIVolumeInfo struct {
+// swagger:model directPVVolumeInfo
+type DirectPVVolumeInfo struct {

 	// capacity
 	Capacity int64 `json:"capacity,omitempty"`
@@ -47,18 +47,18 @@ type DirectCSIVolumeInfo struct {
 	Volume string `json:"volume,omitempty"`
 }

-// Validate validates this direct c s i volume info
-func (m *DirectCSIVolumeInfo) Validate(formats strfmt.Registry) error {
+// Validate validates this direct p v volume info
+func (m *DirectPVVolumeInfo) Validate(formats strfmt.Registry) error {
 	return nil
 }

-// ContextValidate validates this direct c s i volume info based on context it is used
-func (m *DirectCSIVolumeInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validates this direct p v volume info based on context it is used
+func (m *DirectPVVolumeInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }

 // MarshalBinary interface implementation
-func (m *DirectCSIVolumeInfo) MarshalBinary() ([]byte, error) {
+func (m *DirectPVVolumeInfo) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -66,8 +66,8 @@ func (m *DirectCSIVolumeInfo) MarshalBinary() ([]byte, error) {
 }

 // UnmarshalBinary interface implementation
-func (m *DirectCSIVolumeInfo) UnmarshalBinary(b []byte) error {
-	var res DirectCSIVolumeInfo
+func (m *DirectPVVolumeInfo) UnmarshalBinary(b []byte) error {
+	var res DirectPVVolumeInfo
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/models/encryption_configuration.go
+++ b/models/encryption_configuration.go
@@ -42,9 +42,6 @@ type EncryptionConfiguration struct {
 	// azure
 	Azure *AzureConfiguration `json:"azure,omitempty"`

-	// client
-	Client *KeyPairConfiguration `json:"client,omitempty"`
-
 	// gcp
 	Gcp *GcpConfiguration `json:"gcp,omitempty"`

@@ -54,6 +51,15 @@ type EncryptionConfiguration struct {
 	// image
 	Image string `json:"image,omitempty"`

+	// kms mtls
+	KmsMtls *EncryptionConfigurationAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+	// minio mtls
+	MinioMtls *KeyPairConfiguration `json:"minio_mtls,omitempty"`
+
+	// raw
+	Raw string `json:"raw,omitempty"`
+
 	// replicas
 	Replicas string `json:"replicas,omitempty"`

@@ -63,8 +69,8 @@ type EncryptionConfiguration struct {
 	// security context
 	SecurityContext *SecurityContext `json:"securityContext,omitempty"`

-	// server
-	Server *KeyPairConfiguration `json:"server,omitempty"`
+	// server tls
+	ServerTLS *KeyPairConfiguration `json:"server_tls,omitempty"`

 	// vault
 	Vault *VaultConfiguration `json:"vault,omitempty"`
@@ -85,21 +91,25 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {

 		Azure *AzureConfiguration `json:"azure,omitempty"`

-		Client *KeyPairConfiguration `json:"client,omitempty"`
-
 		Gcp *GcpConfiguration `json:"gcp,omitempty"`

 		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`

 		Image string `json:"image,omitempty"`

+		KmsMtls *EncryptionConfigurationAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *KeyPairConfiguration `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`
+
 		Replicas string `json:"replicas,omitempty"`

 		SecretsToBeDeleted []string `json:"secretsToBeDeleted"`

 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`

-		Server *KeyPairConfiguration `json:"server,omitempty"`
+		ServerTLS *KeyPairConfiguration `json:"server_tls,omitempty"`

 		Vault *VaultConfiguration `json:"vault,omitempty"`
 	}
@@ -111,21 +121,25 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {

 	m.Azure = dataAO1.Azure

-	m.Client = dataAO1.Client
-
 	m.Gcp = dataAO1.Gcp

 	m.Gemalto = dataAO1.Gemalto

 	m.Image = dataAO1.Image

+	m.KmsMtls = dataAO1.KmsMtls
+
+	m.MinioMtls = dataAO1.MinioMtls
+
+	m.Raw = dataAO1.Raw
+
 	m.Replicas = dataAO1.Replicas

 	m.SecretsToBeDeleted = dataAO1.SecretsToBeDeleted

 	m.SecurityContext = dataAO1.SecurityContext

-	m.Server = dataAO1.Server
+	m.ServerTLS = dataAO1.ServerTLS

 	m.Vault = dataAO1.Vault

@@ -146,21 +160,25 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {

 		Azure *AzureConfiguration `json:"azure,omitempty"`

-		Client *KeyPairConfiguration `json:"client,omitempty"`
-
 		Gcp *GcpConfiguration `json:"gcp,omitempty"`

 		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`

 		Image string `json:"image,omitempty"`

+		KmsMtls *EncryptionConfigurationAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *KeyPairConfiguration `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`
+
 		Replicas string `json:"replicas,omitempty"`

 		SecretsToBeDeleted []string `json:"secretsToBeDeleted"`

 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`

-		Server *KeyPairConfiguration `json:"server,omitempty"`
+		ServerTLS *KeyPairConfiguration `json:"server_tls,omitempty"`

 		Vault *VaultConfiguration `json:"vault,omitempty"`
 	}
@@ -169,21 +187,25 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {

 	dataAO1.Azure = m.Azure

-	dataAO1.Client = m.Client
-
 	dataAO1.Gcp = m.Gcp

 	dataAO1.Gemalto = m.Gemalto

 	dataAO1.Image = m.Image

+	dataAO1.KmsMtls = m.KmsMtls
+
+	dataAO1.MinioMtls = m.MinioMtls
+
+	dataAO1.Raw = m.Raw
+
 	dataAO1.Replicas = m.Replicas

 	dataAO1.SecretsToBeDeleted = m.SecretsToBeDeleted

 	dataAO1.SecurityContext = m.SecurityContext

-	dataAO1.Server = m.Server
+	dataAO1.ServerTLS = m.ServerTLS

 	dataAO1.Vault = m.Vault

@@ -212,10 +234,6 @@ func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

-	if err := m.validateClient(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateGcp(formats); err != nil {
 		res = append(res, err)
 	}
@@ -224,11 +242,19 @@ func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateKmsMtls(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinioMtls(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateSecurityContext(formats); err != nil {
 		res = append(res, err)
 	}

-	if err := m.validateServer(formats); err != nil {
+	if err := m.validateServerTLS(formats); err != nil {
 		res = append(res, err)
 	}

@@ -282,26 +308,6 @@ func (m *EncryptionConfiguration) validateAzure(formats strfmt.Registry) error {
 	return nil
 }

-func (m *EncryptionConfiguration) validateClient(formats strfmt.Registry) error {
-
-	if swag.IsZero(m.Client) { // not required
-		return nil
-	}
-
-	if m.Client != nil {
-		if err := m.Client.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("client")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("client")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *EncryptionConfiguration) validateGcp(formats strfmt.Registry) error {

 	if swag.IsZero(m.Gcp) { // not required
@@ -342,6 +348,46 @@ func (m *EncryptionConfiguration) validateGemalto(formats strfmt.Registry) error
 	return nil
 }

+func (m *EncryptionConfiguration) validateKmsMtls(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.KmsMtls) { // not required
+		return nil
+	}
+
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) validateMinioMtls(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.MinioMtls) { // not required
+		return nil
+	}
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *EncryptionConfiguration) validateSecurityContext(formats strfmt.Registry) error {

 	if swag.IsZero(m.SecurityContext) { // not required
@@ -362,18 +408,18 @@ func (m *EncryptionConfiguration) validateSecurityContext(formats strfmt.Registr
 	return nil
 }

-func (m *EncryptionConfiguration) validateServer(formats strfmt.Registry) error {
+func (m *EncryptionConfiguration) validateServerTLS(formats strfmt.Registry) error {

-	if swag.IsZero(m.Server) { // not required
+	if swag.IsZero(m.ServerTLS) { // not required
 		return nil
 	}

-	if m.Server != nil {
-		if err := m.Server.Validate(formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -419,10 +465,6 @@ func (m *EncryptionConfiguration) ContextValidate(ctx context.Context, formats s
 		res = append(res, err)
 	}

-	if err := m.contextValidateClient(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.contextValidateGcp(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -431,11 +473,19 @@ func (m *EncryptionConfiguration) ContextValidate(ctx context.Context, formats s
 		res = append(res, err)
 	}

+	if err := m.contextValidateKmsMtls(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMinioMtls(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
 		res = append(res, err)
 	}

-	if err := m.contextValidateServer(ctx, formats); err != nil {
+	if err := m.contextValidateServerTLS(ctx, formats); err != nil {
 		res = append(res, err)
 	}

@@ -481,22 +531,6 @@ func (m *EncryptionConfiguration) contextValidateAzure(ctx context.Context, form
 	return nil
 }

-func (m *EncryptionConfiguration) contextValidateClient(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Client != nil {
-		if err := m.Client.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("client")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("client")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *EncryptionConfiguration) contextValidateGcp(ctx context.Context, formats strfmt.Registry) error {

 	if m.Gcp != nil {
@@ -529,6 +563,38 @@ func (m *EncryptionConfiguration) contextValidateGemalto(ctx context.Context, fo
 	return nil
 }

+func (m *EncryptionConfiguration) contextValidateKmsMtls(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) contextValidateMinioMtls(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *EncryptionConfiguration) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {

 	if m.SecurityContext != nil {
@@ -545,14 +611,14 @@ func (m *EncryptionConfiguration) contextValidateSecurityContext(ctx context.Con
 	return nil
 }

-func (m *EncryptionConfiguration) contextValidateServer(ctx context.Context, formats strfmt.Registry) error {
+func (m *EncryptionConfiguration) contextValidateServerTLS(ctx context.Context, formats strfmt.Registry) error {

-	if m.Server != nil {
-		if err := m.Server.ContextValidate(ctx, formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -594,3 +660,46 @@ func (m *EncryptionConfiguration) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// EncryptionConfigurationAO1KmsMtls encryption configuration a o1 kms mtls
+//
+// swagger:model EncryptionConfigurationAO1KmsMtls
+type EncryptionConfigurationAO1KmsMtls struct {
+
+	// ca
+	Ca string `json:"ca,omitempty"`
+
+	// crt
+	Crt string `json:"crt,omitempty"`
+
+	// key
+	Key string `json:"key,omitempty"`
+}
+
+// Validate validates this encryption configuration a o1 kms mtls
+func (m *EncryptionConfigurationAO1KmsMtls) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this encryption configuration a o1 kms mtls based on context it is used
+func (m *EncryptionConfigurationAO1KmsMtls) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *EncryptionConfigurationAO1KmsMtls) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *EncryptionConfigurationAO1KmsMtls) UnmarshalBinary(b []byte) error {
+	var res EncryptionConfigurationAO1KmsMtls
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/encryption_configuration_response.go
+++ b/models/encryption_configuration_response.go
@@ -51,8 +51,14 @@ type EncryptionConfigurationResponse struct {
 	// image
 	Image string `json:"image,omitempty"`

-	// mtls client
-	MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
+	// kms mtls
+	KmsMtls *EncryptionConfigurationResponseAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+	// minio mtls
+	MinioMtls *CertificateInfo `json:"minio_mtls,omitempty"`
+
+	// raw
+	Raw string `json:"raw,omitempty"`

 	// replicas
 	Replicas string `json:"replicas,omitempty"`
@@ -60,8 +66,8 @@ type EncryptionConfigurationResponse struct {
 	// security context
 	SecurityContext *SecurityContext `json:"securityContext,omitempty"`

-	// server
-	Server *CertificateInfo `json:"server,omitempty"`
+	// server tls
+	ServerTLS *CertificateInfo `json:"server_tls,omitempty"`

 	// vault
 	Vault *VaultConfigurationResponse `json:"vault,omitempty"`
@@ -88,13 +94,17 @@ func (m *EncryptionConfigurationResponse) UnmarshalJSON(raw []byte) error {

 		Image string `json:"image,omitempty"`

-		MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
+		KmsMtls *EncryptionConfigurationResponseAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *CertificateInfo `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`

 		Replicas string `json:"replicas,omitempty"`

 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`

-		Server *CertificateInfo `json:"server,omitempty"`
+		ServerTLS *CertificateInfo `json:"server_tls,omitempty"`

 		Vault *VaultConfigurationResponse `json:"vault,omitempty"`
 	}
@@ -112,13 +122,17 @@ func (m *EncryptionConfigurationResponse) UnmarshalJSON(raw []byte) error {

 	m.Image = dataAO1.Image

-	m.MtlsClient = dataAO1.MtlsClient
+	m.KmsMtls = dataAO1.KmsMtls
+
+	m.MinioMtls = dataAO1.MinioMtls
+
+	m.Raw = dataAO1.Raw

 	m.Replicas = dataAO1.Replicas

 	m.SecurityContext = dataAO1.SecurityContext

-	m.Server = dataAO1.Server
+	m.ServerTLS = dataAO1.ServerTLS

 	m.Vault = dataAO1.Vault

@@ -145,13 +159,17 @@ func (m EncryptionConfigurationResponse) MarshalJSON() ([]byte, error) {

 		Image string `json:"image,omitempty"`

-		MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
+		KmsMtls *EncryptionConfigurationResponseAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *CertificateInfo `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`

 		Replicas string `json:"replicas,omitempty"`

 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`

-		Server *CertificateInfo `json:"server,omitempty"`
+		ServerTLS *CertificateInfo `json:"server_tls,omitempty"`

 		Vault *VaultConfigurationResponse `json:"vault,omitempty"`
 	}
@@ -166,13 +184,17 @@ func (m EncryptionConfigurationResponse) MarshalJSON() ([]byte, error) {

 	dataAO1.Image = m.Image

-	dataAO1.MtlsClient = m.MtlsClient
+	dataAO1.KmsMtls = m.KmsMtls
+
+	dataAO1.MinioMtls = m.MinioMtls
+
+	dataAO1.Raw = m.Raw

 	dataAO1.Replicas = m.Replicas

 	dataAO1.SecurityContext = m.SecurityContext

-	dataAO1.Server = m.Server
+	dataAO1.ServerTLS = m.ServerTLS

 	dataAO1.Vault = m.Vault

@@ -209,7 +231,11 @@ func (m *EncryptionConfigurationResponse) Validate(formats strfmt.Registry) erro
 		res = append(res, err)
 	}

-	if err := m.validateMtlsClient(formats); err != nil {
+	if err := m.validateKmsMtls(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinioMtls(formats); err != nil {
 		res = append(res, err)
 	}

@@ -217,7 +243,7 @@ func (m *EncryptionConfigurationResponse) Validate(formats strfmt.Registry) erro
 		res = append(res, err)
 	}

-	if err := m.validateServer(formats); err != nil {
+	if err := m.validateServerTLS(formats); err != nil {
 		res = append(res, err)
 	}

@@ -311,18 +337,38 @@ func (m *EncryptionConfigurationResponse) validateGemalto(formats strfmt.Registr
 	return nil
 }

-func (m *EncryptionConfigurationResponse) validateMtlsClient(formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) validateKmsMtls(formats strfmt.Registry) error {

-	if swag.IsZero(m.MtlsClient) { // not required
+	if swag.IsZero(m.KmsMtls) { // not required
 		return nil
 	}

-	if m.MtlsClient != nil {
-		if err := m.MtlsClient.Validate(formats); err != nil {
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("mtls_client")
+				return ve.ValidateName("kms_mtls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("mtls_client")
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponse) validateMinioMtls(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.MinioMtls) { // not required
+		return nil
+	}
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
 			}
 			return err
 		}
@@ -351,18 +397,18 @@ func (m *EncryptionConfigurationResponse) validateSecurityContext(formats strfmt
 	return nil
 }

-func (m *EncryptionConfigurationResponse) validateServer(formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) validateServerTLS(formats strfmt.Registry) error {

-	if swag.IsZero(m.Server) { // not required
+	if swag.IsZero(m.ServerTLS) { // not required
 		return nil
 	}

-	if m.Server != nil {
-		if err := m.Server.Validate(formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -416,7 +462,11 @@ func (m *EncryptionConfigurationResponse) ContextValidate(ctx context.Context, f
 		res = append(res, err)
 	}

-	if err := m.contextValidateMtlsClient(ctx, formats); err != nil {
+	if err := m.contextValidateKmsMtls(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMinioMtls(ctx, formats); err != nil {
 		res = append(res, err)
 	}

@@ -424,7 +474,7 @@ func (m *EncryptionConfigurationResponse) ContextValidate(ctx context.Context, f
 		res = append(res, err)
 	}

-	if err := m.contextValidateServer(ctx, formats); err != nil {
+	if err := m.contextValidateServerTLS(ctx, formats); err != nil {
 		res = append(res, err)
 	}

@@ -502,14 +552,30 @@ func (m *EncryptionConfigurationResponse) contextValidateGemalto(ctx context.Con
 	return nil
 }

-func (m *EncryptionConfigurationResponse) contextValidateMtlsClient(ctx context.Context, formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) contextValidateKmsMtls(ctx context.Context, formats strfmt.Registry) error {

-	if m.MtlsClient != nil {
-		if err := m.MtlsClient.ContextValidate(ctx, formats); err != nil {
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("mtls_client")
+				return ve.ValidateName("kms_mtls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("mtls_client")
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponse) contextValidateMinioMtls(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
 			}
 			return err
 		}
@@ -534,14 +600,14 @@ func (m *EncryptionConfigurationResponse) contextValidateSecurityContext(ctx con
 	return nil
 }

-func (m *EncryptionConfigurationResponse) contextValidateServer(ctx context.Context, formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) contextValidateServerTLS(ctx context.Context, formats strfmt.Registry) error {

-	if m.Server != nil {
-		if err := m.Server.ContextValidate(ctx, formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -583,3 +649,139 @@ func (m *EncryptionConfigurationResponse) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// EncryptionConfigurationResponseAO1KmsMtls encryption configuration response a o1 kms mtls
+//
+// swagger:model EncryptionConfigurationResponseAO1KmsMtls
+type EncryptionConfigurationResponseAO1KmsMtls struct {
+
+	// ca
+	Ca *CertificateInfo `json:"ca,omitempty"`
+
+	// crt
+	Crt *CertificateInfo `json:"crt,omitempty"`
+}
+
+// Validate validates this encryption configuration response a o1 kms mtls
+func (m *EncryptionConfigurationResponseAO1KmsMtls) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCa(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateCrt(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) validateCa(formats strfmt.Registry) error {
+	if swag.IsZero(m.Ca) { // not required
+		return nil
+	}
+
+	if m.Ca != nil {
+		if err := m.Ca.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "ca")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "ca")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) validateCrt(formats strfmt.Registry) error {
+	if swag.IsZero(m.Crt) { // not required
+		return nil
+	}
+
+	if m.Crt != nil {
+		if err := m.Crt.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "crt")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "crt")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this encryption configuration response a o1 kms mtls based on the context it is used
+func (m *EncryptionConfigurationResponseAO1KmsMtls) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCa(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateCrt(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Ca != nil {
+		if err := m.Ca.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "ca")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "ca")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) contextValidateCrt(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Crt != nil {
+		if err := m.Crt.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "crt")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "crt")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *EncryptionConfigurationResponseAO1KmsMtls) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *EncryptionConfigurationResponseAO1KmsMtls) UnmarshalBinary(b []byte) error {
+	var res EncryptionConfigurationResponseAO1KmsMtls
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/environment_constants.go
+++ b/models/environment_constants.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// EnvironmentConstants environment constants
+//
+// swagger:model environmentConstants
+type EnvironmentConstants struct {
+
+	// max concurrent downloads
+	MaxConcurrentDownloads int64 `json:"maxConcurrentDownloads,omitempty"`
+
+	// max concurrent uploads
+	MaxConcurrentUploads int64 `json:"maxConcurrentUploads,omitempty"`
+}
+
+// Validate validates this environment constants
+func (m *EnvironmentConstants) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this environment constants based on context it is used
+func (m *EnvironmentConstants) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *EnvironmentConstants) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *EnvironmentConstants) UnmarshalBinary(b []byte) error {
+	var res EnvironmentConstants
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/format_direct_c_s_i_drives_response.go
+++ b/models/format_direct_c_s_i_drives_response.go
@@ -31,17 +31,17 @@ import (
 	"github.com/go-openapi/swag"
 )

-// FormatDirectCSIDrivesResponse format direct c s i drives response
+// FormatDirectPVDrivesResponse format direct p v drives response
 //
-// swagger:model formatDirectCSIDrivesResponse
-type FormatDirectCSIDrivesResponse struct {
+// swagger:model formatDirectPVDrivesResponse
+type FormatDirectPVDrivesResponse struct {

 	// format issues list
-	FormatIssuesList []*CsiFormatErrorResponse `json:"formatIssuesList"`
+	FormatIssuesList []*PvFormatErrorResponse `json:"formatIssuesList"`
 }

-// Validate validates this format direct c s i drives response
-func (m *FormatDirectCSIDrivesResponse) Validate(formats strfmt.Registry) error {
+// Validate validates this format direct p v drives response
+func (m *FormatDirectPVDrivesResponse) Validate(formats strfmt.Registry) error {
 	var res []error

 	if err := m.validateFormatIssuesList(formats); err != nil {
@@ -54,7 +54,7 @@ func (m *FormatDirectCSIDrivesResponse) Validate(formats strfmt.Registry) error
 	return nil
 }

-func (m *FormatDirectCSIDrivesResponse) validateFormatIssuesList(formats strfmt.Registry) error {
+func (m *FormatDirectPVDrivesResponse) validateFormatIssuesList(formats strfmt.Registry) error {
 	if swag.IsZero(m.FormatIssuesList) { // not required
 		return nil
 	}
@@ -80,8 +80,8 @@ func (m *FormatDirectCSIDrivesResponse) validateFormatIssuesList(formats strfmt.
 	return nil
 }

-// ContextValidate validate this format direct c s i drives response based on the context it is used
-func (m *FormatDirectCSIDrivesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validate this format direct p v drives response based on the context it is used
+func (m *FormatDirectPVDrivesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

 	if err := m.contextValidateFormatIssuesList(ctx, formats); err != nil {
@@ -94,7 +94,7 @@ func (m *FormatDirectCSIDrivesResponse) ContextValidate(ctx context.Context, for
 	return nil
 }

-func (m *FormatDirectCSIDrivesResponse) contextValidateFormatIssuesList(ctx context.Context, formats strfmt.Registry) error {
+func (m *FormatDirectPVDrivesResponse) contextValidateFormatIssuesList(ctx context.Context, formats strfmt.Registry) error {

 	for i := 0; i < len(m.FormatIssuesList); i++ {

@@ -115,7 +115,7 @@ func (m *FormatDirectCSIDrivesResponse) contextValidateFormatIssuesList(ctx cont
 }

 // MarshalBinary interface implementation
-func (m *FormatDirectCSIDrivesResponse) MarshalBinary() ([]byte, error) {
+func (m *FormatDirectPVDrivesResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -123,8 +123,8 @@ func (m *FormatDirectCSIDrivesResponse) MarshalBinary() ([]byte, error) {
 }

 // UnmarshalBinary interface implementation
-func (m *FormatDirectCSIDrivesResponse) UnmarshalBinary(b []byte) error {
-	var res FormatDirectCSIDrivesResponse
+func (m *FormatDirectPVDrivesResponse) UnmarshalBinary(b []byte) error {
+	var res FormatDirectPVDrivesResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/models/gemalto_configuration.go
+++ b/models/gemalto_configuration.go
@@ -135,9 +135,6 @@ type GemaltoConfigurationKeysecure struct {
 	// endpoint
 	// Required: true
 	Endpoint *string `json:"endpoint"`
-
-	// tls
-	TLS *GemaltoConfigurationKeysecureTLS `json:"tls,omitempty"`
 }

 // Validate validates this gemalto configuration keysecure
@@ -152,10 +149,6 @@ func (m *GemaltoConfigurationKeysecure) Validate(formats strfmt.Registry) error
 		res = append(res, err)
 	}

-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -191,25 +184,6 @@ func (m *GemaltoConfigurationKeysecure) validateEndpoint(formats strfmt.Registry
 	return nil
 }

-func (m *GemaltoConfigurationKeysecure) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this gemalto configuration keysecure based on the context it is used
 func (m *GemaltoConfigurationKeysecure) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -218,10 +192,6 @@ func (m *GemaltoConfigurationKeysecure) ContextValidate(ctx context.Context, for
 		res = append(res, err)
 	}

-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -244,22 +214,6 @@ func (m *GemaltoConfigurationKeysecure) contextValidateCredentials(ctx context.C
 	return nil
 }

-func (m *GemaltoConfigurationKeysecure) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *GemaltoConfigurationKeysecure) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -353,59 +307,3 @@ func (m *GemaltoConfigurationKeysecureCredentials) UnmarshalBinary(b []byte) err
 	*m = res
 	return nil
 }
-
-// GemaltoConfigurationKeysecureTLS gemalto configuration keysecure TLS
-//
-// swagger:model GemaltoConfigurationKeysecureTLS
-type GemaltoConfigurationKeysecureTLS struct {
-
-	// ca
-	// Required: true
-	Ca *string `json:"ca"`
-}
-
-// Validate validates this gemalto configuration keysecure TLS
-func (m *GemaltoConfigurationKeysecureTLS) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCa(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *GemaltoConfigurationKeysecureTLS) validateCa(formats strfmt.Registry) error {
-
-	if err := validate.Required("keysecure"+"."+"tls"+"."+"ca", "body", m.Ca); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// ContextValidate validates this gemalto configuration keysecure TLS based on context it is used
-func (m *GemaltoConfigurationKeysecureTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *GemaltoConfigurationKeysecureTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *GemaltoConfigurationKeysecureTLS) UnmarshalBinary(b []byte) error {
-	var res GemaltoConfigurationKeysecureTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
--- a/models/gemalto_configuration_response.go
+++ b/models/gemalto_configuration_response.go
@@ -135,9 +135,6 @@ type GemaltoConfigurationResponseKeysecure struct {
 	// endpoint
 	// Required: true
 	Endpoint *string `json:"endpoint"`
-
-	// tls
-	TLS *GemaltoConfigurationResponseKeysecureTLS `json:"tls,omitempty"`
 }

 // Validate validates this gemalto configuration response keysecure
@@ -152,10 +149,6 @@ func (m *GemaltoConfigurationResponseKeysecure) Validate(formats strfmt.Registry
 		res = append(res, err)
 	}

-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -191,25 +184,6 @@ func (m *GemaltoConfigurationResponseKeysecure) validateEndpoint(formats strfmt.
 	return nil
 }

-func (m *GemaltoConfigurationResponseKeysecure) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this gemalto configuration response keysecure based on the context it is used
 func (m *GemaltoConfigurationResponseKeysecure) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -218,10 +192,6 @@ func (m *GemaltoConfigurationResponseKeysecure) ContextValidate(ctx context.Cont
 		res = append(res, err)
 	}

-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -244,22 +214,6 @@ func (m *GemaltoConfigurationResponseKeysecure) contextValidateCredentials(ctx c
 	return nil
 }

-func (m *GemaltoConfigurationResponseKeysecure) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *GemaltoConfigurationResponseKeysecure) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -353,95 +307,3 @@ func (m *GemaltoConfigurationResponseKeysecureCredentials) UnmarshalBinary(b []b
 	*m = res
 	return nil
 }
-
-// GemaltoConfigurationResponseKeysecureTLS gemalto configuration response keysecure TLS
-//
-// swagger:model GemaltoConfigurationResponseKeysecureTLS
-type GemaltoConfigurationResponseKeysecureTLS struct {
-
-	// ca
-	// Required: true
-	Ca *CertificateInfo `json:"ca"`
-}
-
-// Validate validates this gemalto configuration response keysecure TLS
-func (m *GemaltoConfigurationResponseKeysecureTLS) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCa(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *GemaltoConfigurationResponseKeysecureTLS) validateCa(formats strfmt.Registry) error {
-
-	if err := validate.Required("keysecure"+"."+"tls"+"."+"ca", "body", m.Ca); err != nil {
-		return err
-	}
-
-	if m.Ca != nil {
-		if err := m.Ca.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this gemalto configuration response keysecure TLS based on the context it is used
-func (m *GemaltoConfigurationResponseKeysecureTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCa(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *GemaltoConfigurationResponseKeysecureTLS) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Ca != nil {
-		if err := m.Ca.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *GemaltoConfigurationResponseKeysecureTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *GemaltoConfigurationResponseKeysecureTLS) UnmarshalBinary(b []byte) error {
-	var res GemaltoConfigurationResponseKeysecureTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
--- a/models/get_direct_c_s_i_drive_list_response.go
+++ b/models/get_direct_c_s_i_drive_list_response.go
@@ -31,17 +31,17 @@ import (
 	"github.com/go-openapi/swag"
 )

-// GetDirectCSIDriveListResponse get direct c s i drive list response
+// GetDirectPVDriveListResponse get direct p v drive list response
 //
-// swagger:model getDirectCSIDriveListResponse
-type GetDirectCSIDriveListResponse struct {
+// swagger:model getDirectPVDriveListResponse
+type GetDirectPVDriveListResponse struct {

 	// drives
-	Drives []*DirectCSIDriveInfo `json:"drives"`
+	Drives []*DirectPVDriveInfo `json:"drives"`
 }

-// Validate validates this get direct c s i drive list response
-func (m *GetDirectCSIDriveListResponse) Validate(formats strfmt.Registry) error {
+// Validate validates this get direct p v drive list response
+func (m *GetDirectPVDriveListResponse) Validate(formats strfmt.Registry) error {
 	var res []error

 	if err := m.validateDrives(formats); err != nil {
@@ -54,7 +54,7 @@ func (m *GetDirectCSIDriveListResponse) Validate(formats strfmt.Registry) error
 	return nil
 }

-func (m *GetDirectCSIDriveListResponse) validateDrives(formats strfmt.Registry) error {
+func (m *GetDirectPVDriveListResponse) validateDrives(formats strfmt.Registry) error {
 	if swag.IsZero(m.Drives) { // not required
 		return nil
 	}
@@ -80,8 +80,8 @@ func (m *GetDirectCSIDriveListResponse) validateDrives(formats strfmt.Registry)
 	return nil
 }

-// ContextValidate validate this get direct c s i drive list response based on the context it is used
-func (m *GetDirectCSIDriveListResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validate this get direct p v drive list response based on the context it is used
+func (m *GetDirectPVDriveListResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

 	if err := m.contextValidateDrives(ctx, formats); err != nil {
@@ -94,7 +94,7 @@ func (m *GetDirectCSIDriveListResponse) ContextValidate(ctx context.Context, for
 	return nil
 }

-func (m *GetDirectCSIDriveListResponse) contextValidateDrives(ctx context.Context, formats strfmt.Registry) error {
+func (m *GetDirectPVDriveListResponse) contextValidateDrives(ctx context.Context, formats strfmt.Registry) error {

 	for i := 0; i < len(m.Drives); i++ {

@@ -115,7 +115,7 @@ func (m *GetDirectCSIDriveListResponse) contextValidateDrives(ctx context.Contex
 }

 // MarshalBinary interface implementation
-func (m *GetDirectCSIDriveListResponse) MarshalBinary() ([]byte, error) {
+func (m *GetDirectPVDriveListResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -123,8 +123,8 @@ func (m *GetDirectCSIDriveListResponse) MarshalBinary() ([]byte, error) {
 }

 // UnmarshalBinary interface implementation
-func (m *GetDirectCSIDriveListResponse) UnmarshalBinary(b []byte) error {
-	var res GetDirectCSIDriveListResponse
+func (m *GetDirectPVDriveListResponse) UnmarshalBinary(b []byte) error {
+	var res GetDirectPVDriveListResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/models/get_direct_c_s_i_volume_list_response.go
+++ b/models/get_direct_c_s_i_volume_list_response.go
@@ -31,17 +31,17 @@ import (
 	"github.com/go-openapi/swag"
 )

-// GetDirectCSIVolumeListResponse get direct c s i volume list response
+// GetDirectPVVolumeListResponse get direct p v volume list response
 //
-// swagger:model getDirectCSIVolumeListResponse
-type GetDirectCSIVolumeListResponse struct {
+// swagger:model getDirectPVVolumeListResponse
+type GetDirectPVVolumeListResponse struct {

 	// volumes
-	Volumes []*DirectCSIVolumeInfo `json:"volumes"`
+	Volumes []*DirectPVVolumeInfo `json:"volumes"`
 }

-// Validate validates this get direct c s i volume list response
-func (m *GetDirectCSIVolumeListResponse) Validate(formats strfmt.Registry) error {
+// Validate validates this get direct p v volume list response
+func (m *GetDirectPVVolumeListResponse) Validate(formats strfmt.Registry) error {
 	var res []error

 	if err := m.validateVolumes(formats); err != nil {
@@ -54,7 +54,7 @@ func (m *GetDirectCSIVolumeListResponse) Validate(formats strfmt.Registry) error
 	return nil
 }

-func (m *GetDirectCSIVolumeListResponse) validateVolumes(formats strfmt.Registry) error {
+func (m *GetDirectPVVolumeListResponse) validateVolumes(formats strfmt.Registry) error {
 	if swag.IsZero(m.Volumes) { // not required
 		return nil
 	}
@@ -80,8 +80,8 @@ func (m *GetDirectCSIVolumeListResponse) validateVolumes(formats strfmt.Registry
 	return nil
 }

-// ContextValidate validate this get direct c s i volume list response based on the context it is used
-func (m *GetDirectCSIVolumeListResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validate this get direct p v volume list response based on the context it is used
+func (m *GetDirectPVVolumeListResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

 	if err := m.contextValidateVolumes(ctx, formats); err != nil {
@@ -94,7 +94,7 @@ func (m *GetDirectCSIVolumeListResponse) ContextValidate(ctx context.Context, fo
 	return nil
 }

-func (m *GetDirectCSIVolumeListResponse) contextValidateVolumes(ctx context.Context, formats strfmt.Registry) error {
+func (m *GetDirectPVVolumeListResponse) contextValidateVolumes(ctx context.Context, formats strfmt.Registry) error {

 	for i := 0; i < len(m.Volumes); i++ {

@@ -115,7 +115,7 @@ func (m *GetDirectCSIVolumeListResponse) contextValidateVolumes(ctx context.Cont
 }

 // MarshalBinary interface implementation
-func (m *GetDirectCSIVolumeListResponse) MarshalBinary() ([]byte, error) {
+func (m *GetDirectPVVolumeListResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -123,8 +123,8 @@ func (m *GetDirectCSIVolumeListResponse) MarshalBinary() ([]byte, error) {
 }

 // UnmarshalBinary interface implementation
-func (m *GetDirectCSIVolumeListResponse) UnmarshalBinary(b []byte) error {
-	var res GetDirectCSIVolumeListResponse
+func (m *GetDirectPVVolumeListResponse) UnmarshalBinary(b []byte) error {
+	var res GetDirectPVVolumeListResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/models/idp_list_configurations_response.go
+++ b/models/idp_list_configurations_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IdpListConfigurationsResponse idp list configurations response
+//
+// swagger:model idpListConfigurationsResponse
+type IdpListConfigurationsResponse struct {
+
+	// results
+	Results []*IdpServerConfiguration `json:"results"`
+}
+
+// Validate validates this idp list configurations response
+func (m *IdpListConfigurationsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpListConfigurationsResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this idp list configurations response based on the context it is used
+func (m *IdpListConfigurationsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpListConfigurationsResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IdpListConfigurationsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IdpListConfigurationsResponse) UnmarshalBinary(b []byte) error {
+	var res IdpListConfigurationsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/idp_server_configuration.go
+++ b/models/idp_server_configuration.go
@@ -0,0 +1,145 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IdpServerConfiguration idp server configuration
+//
+// swagger:model idpServerConfiguration
+type IdpServerConfiguration struct {
+
+	// enabled
+	Enabled bool `json:"enabled,omitempty"`
+
+	// info
+	Info []*IdpServerConfigurationInfo `json:"info"`
+
+	// input
+	Input string `json:"input,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// type
+	Type string `json:"type,omitempty"`
+}
+
+// Validate validates this idp server configuration
+func (m *IdpServerConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateInfo(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpServerConfiguration) validateInfo(formats strfmt.Registry) error {
+	if swag.IsZero(m.Info) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Info); i++ {
+		if swag.IsZero(m.Info[i]) { // not required
+			continue
+		}
+
+		if m.Info[i] != nil {
+			if err := m.Info[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("info" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("info" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this idp server configuration based on the context it is used
+func (m *IdpServerConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateInfo(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpServerConfiguration) contextValidateInfo(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Info); i++ {
+
+		if m.Info[i] != nil {
+			if err := m.Info[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("info" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("info" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IdpServerConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IdpServerConfiguration) UnmarshalBinary(b []byte) error {
+	var res IdpServerConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/idp_server_configuration_info.go
+++ b/models/idp_server_configuration_info.go
@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IdpServerConfigurationInfo idp server configuration info
+//
+// swagger:model idpServerConfigurationInfo
+type IdpServerConfigurationInfo struct {
+
+	// is cfg
+	IsCfg bool `json:"isCfg,omitempty"`
+
+	// is env
+	IsEnv bool `json:"isEnv,omitempty"`
+
+	// key
+	Key string `json:"key,omitempty"`
+
+	// value
+	Value string `json:"value,omitempty"`
+}
+
+// Validate validates this idp server configuration info
+func (m *IdpServerConfigurationInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this idp server configuration info based on context it is used
+func (m *IdpServerConfigurationInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IdpServerConfigurationInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IdpServerConfigurationInfo) UnmarshalBinary(b []byte) error {
+	var res IdpServerConfigurationInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/km_delete_key_request.go
+++ b/models/km_delete_key_request.go
@@ -0,0 +1,28 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+// KmDeleteKeyRequest km delete key request
+//
+// swagger:model kmDeleteKeyRequest
+type KmDeleteKeyRequest interface{}
--- a/models/kms_a_p_is_response.go
+++ b/models/kms_a_p_is_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsAPIsResponse kms a p is response
+//
+// swagger:model kmsAPIsResponse
+type KmsAPIsResponse struct {
+
+	// results
+	Results []*KmsAPI `json:"results"`
+}
+
+// Validate validates this kms a p is response
+func (m *KmsAPIsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsAPIsResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms a p is response based on the context it is used
+func (m *KmsAPIsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsAPIsResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsAPIsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsAPIsResponse) UnmarshalBinary(b []byte) error {
+	var res KmsAPIsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_api.go
+++ b/models/kms_api.go
@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsAPI kms API
+//
+// swagger:model kmsAPI
+type KmsAPI struct {
+
+	// max body
+	MaxBody int64 `json:"maxBody,omitempty"`
+
+	// method
+	Method string `json:"method,omitempty"`
+
+	// path
+	Path string `json:"path,omitempty"`
+
+	// timeout
+	Timeout int64 `json:"timeout,omitempty"`
+}
+
+// Validate validates this kms API
+func (m *KmsAPI) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms API based on context it is used
+func (m *KmsAPI) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsAPI) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsAPI) UnmarshalBinary(b []byte) error {
+	var res KmsAPI
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_assign_policy_request.go
+++ b/models/kms_assign_policy_request.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsAssignPolicyRequest kms assign policy request
+//
+// swagger:model kmsAssignPolicyRequest
+type KmsAssignPolicyRequest struct {
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+}
+
+// Validate validates this kms assign policy request
+func (m *KmsAssignPolicyRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms assign policy request based on context it is used
+func (m *KmsAssignPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsAssignPolicyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsAssignPolicyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsAssignPolicyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_create_key_request.go
+++ b/models/kms_create_key_request.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// KmsCreateKeyRequest kms create key request
+//
+// swagger:model kmsCreateKeyRequest
+type KmsCreateKeyRequest struct {
+
+	// key
+	// Required: true
+	Key *string `json:"key"`
+}
+
+// Validate validates this kms create key request
+func (m *KmsCreateKeyRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsCreateKeyRequest) validateKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("key", "body", m.Key); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this kms create key request based on context it is used
+func (m *KmsCreateKeyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsCreateKeyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsCreateKeyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsCreateKeyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_describe_identity_response.go
+++ b/models/kms_describe_identity_response.go
@@ -0,0 +1,79 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsDescribeIdentityResponse kms describe identity response
+//
+// swagger:model kmsDescribeIdentityResponse
+type KmsDescribeIdentityResponse struct {
+
+	// admin
+	Admin bool `json:"admin,omitempty"`
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+
+	// policy
+	Policy string `json:"policy,omitempty"`
+}
+
+// Validate validates this kms describe identity response
+func (m *KmsDescribeIdentityResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms describe identity response based on context it is used
+func (m *KmsDescribeIdentityResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsDescribeIdentityResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsDescribeIdentityResponse) UnmarshalBinary(b []byte) error {
+	var res KmsDescribeIdentityResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_describe_policy_response.go
+++ b/models/kms_describe_policy_response.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsDescribePolicyResponse kms describe policy response
+//
+// swagger:model kmsDescribePolicyResponse
+type KmsDescribePolicyResponse struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms describe policy response
+func (m *KmsDescribePolicyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms describe policy response based on context it is used
+func (m *KmsDescribePolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsDescribePolicyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsDescribePolicyResponse) UnmarshalBinary(b []byte) error {
+	var res KmsDescribePolicyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_describe_self_identity_response.go
+++ b/models/kms_describe_self_identity_response.go
@@ -0,0 +1,136 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsDescribeSelfIdentityResponse kms describe self identity response
+//
+// swagger:model kmsDescribeSelfIdentityResponse
+type KmsDescribeSelfIdentityResponse struct {
+
+	// admin
+	Admin bool `json:"admin,omitempty"`
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+
+	// policy
+	Policy *KmsGetPolicyResponse `json:"policy,omitempty"`
+
+	// policy name
+	PolicyName string `json:"policyName,omitempty"`
+}
+
+// Validate validates this kms describe self identity response
+func (m *KmsDescribeSelfIdentityResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validatePolicy(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsDescribeSelfIdentityResponse) validatePolicy(formats strfmt.Registry) error {
+	if swag.IsZero(m.Policy) { // not required
+		return nil
+	}
+
+	if m.Policy != nil {
+		if err := m.Policy.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("policy")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("policy")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms describe self identity response based on the context it is used
+func (m *KmsDescribeSelfIdentityResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidatePolicy(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsDescribeSelfIdentityResponse) contextValidatePolicy(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Policy != nil {
+		if err := m.Policy.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("policy")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("policy")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsDescribeSelfIdentityResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsDescribeSelfIdentityResponse) UnmarshalBinary(b []byte) error {
+	var res KmsDescribeSelfIdentityResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_endpoint.go
+++ b/models/kms_endpoint.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsEndpoint kms endpoint
+//
+// swagger:model kmsEndpoint
+type KmsEndpoint struct {
+
+	// status
+	Status string `json:"status,omitempty"`
+
+	// url
+	URL string `json:"url,omitempty"`
+}
+
+// Validate validates this kms endpoint
+func (m *KmsEndpoint) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms endpoint based on context it is used
+func (m *KmsEndpoint) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsEndpoint) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsEndpoint) UnmarshalBinary(b []byte) error {
+	var res KmsEndpoint
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_get_policy_response.go
+++ b/models/kms_get_policy_response.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsGetPolicyResponse kms get policy response
+//
+// swagger:model kmsGetPolicyResponse
+type KmsGetPolicyResponse struct {
+
+	// allow
+	Allow []string `json:"allow"`
+
+	// deny
+	Deny []string `json:"deny"`
+}
+
+// Validate validates this kms get policy response
+func (m *KmsGetPolicyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms get policy response based on context it is used
+func (m *KmsGetPolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsGetPolicyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsGetPolicyResponse) UnmarshalBinary(b []byte) error {
+	var res KmsGetPolicyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_identity_info.go
+++ b/models/kms_identity_info.go
@@ -0,0 +1,79 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsIdentityInfo kms identity info
+//
+// swagger:model kmsIdentityInfo
+type KmsIdentityInfo struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// error
+	Error string `json:"error,omitempty"`
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+
+	// policy
+	Policy string `json:"policy,omitempty"`
+}
+
+// Validate validates this kms identity info
+func (m *KmsIdentityInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms identity info based on context it is used
+func (m *KmsIdentityInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsIdentityInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsIdentityInfo) UnmarshalBinary(b []byte) error {
+	var res KmsIdentityInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_import_key_request.go
+++ b/models/kms_import_key_request.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// KmsImportKeyRequest kms import key request
+//
+// swagger:model kmsImportKeyRequest
+type KmsImportKeyRequest struct {
+
+	// bytes
+	// Required: true
+	Bytes *string `json:"bytes"`
+}
+
+// Validate validates this kms import key request
+func (m *KmsImportKeyRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateBytes(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsImportKeyRequest) validateBytes(formats strfmt.Registry) error {
+
+	if err := validate.Required("bytes", "body", m.Bytes); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this kms import key request based on context it is used
+func (m *KmsImportKeyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsImportKeyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsImportKeyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsImportKeyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_key_info.go
+++ b/models/kms_key_info.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsKeyInfo kms key info
+//
+// swagger:model kmsKeyInfo
+type KmsKeyInfo struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms key info
+func (m *KmsKeyInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms key info based on context it is used
+func (m *KmsKeyInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsKeyInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsKeyInfo) UnmarshalBinary(b []byte) error {
+	var res KmsKeyInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_key_status_response.go
+++ b/models/kms_key_status_response.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsKeyStatusResponse kms key status response
+//
+// swagger:model kmsKeyStatusResponse
+type KmsKeyStatusResponse struct {
+
+	// decryption err
+	DecryptionErr string `json:"decryptionErr,omitempty"`
+
+	// encryption err
+	EncryptionErr string `json:"encryptionErr,omitempty"`
+
+	// key ID
+	KeyID string `json:"keyID,omitempty"`
+}
+
+// Validate validates this kms key status response
+func (m *KmsKeyStatusResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms key status response based on context it is used
+func (m *KmsKeyStatusResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsKeyStatusResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsKeyStatusResponse) UnmarshalBinary(b []byte) error {
+	var res KmsKeyStatusResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_latency_histogram.go
+++ b/models/kms_latency_histogram.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsLatencyHistogram kms latency histogram
+//
+// swagger:model kmsLatencyHistogram
+type KmsLatencyHistogram struct {
+
+	// duration
+	Duration int64 `json:"duration,omitempty"`
+}
+
+// Validate validates this kms latency histogram
+func (m *KmsLatencyHistogram) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms latency histogram based on context it is used
+func (m *KmsLatencyHistogram) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsLatencyHistogram) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsLatencyHistogram) UnmarshalBinary(b []byte) error {
+	var res KmsLatencyHistogram
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_list_identities_response.go
+++ b/models/kms_list_identities_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsListIdentitiesResponse kms list identities response
+//
+// swagger:model kmsListIdentitiesResponse
+type KmsListIdentitiesResponse struct {
+
+	// results
+	Results []*KmsIdentityInfo `json:"results"`
+}
+
+// Validate validates this kms list identities response
+func (m *KmsListIdentitiesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListIdentitiesResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms list identities response based on the context it is used
+func (m *KmsListIdentitiesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListIdentitiesResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsListIdentitiesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsListIdentitiesResponse) UnmarshalBinary(b []byte) error {
+	var res KmsListIdentitiesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_list_keys_response.go
+++ b/models/kms_list_keys_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsListKeysResponse kms list keys response
+//
+// swagger:model kmsListKeysResponse
+type KmsListKeysResponse struct {
+
+	// results
+	Results []*KmsKeyInfo `json:"results"`
+}
+
+// Validate validates this kms list keys response
+func (m *KmsListKeysResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListKeysResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms list keys response based on the context it is used
+func (m *KmsListKeysResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListKeysResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsListKeysResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsListKeysResponse) UnmarshalBinary(b []byte) error {
+	var res KmsListKeysResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_list_policies_response.go
+++ b/models/kms_list_policies_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsListPoliciesResponse kms list policies response
+//
+// swagger:model kmsListPoliciesResponse
+type KmsListPoliciesResponse struct {
+
+	// results
+	Results []*KmsPolicyInfo `json:"results"`
+}
+
+// Validate validates this kms list policies response
+func (m *KmsListPoliciesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListPoliciesResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms list policies response based on the context it is used
+func (m *KmsListPoliciesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListPoliciesResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsListPoliciesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsListPoliciesResponse) UnmarshalBinary(b []byte) error {
+	var res KmsListPoliciesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_metrics_response.go
+++ b/models/kms_metrics_response.go
@@ -0,0 +1,331 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// KmsMetricsResponse kms metrics response
+//
+// swagger:model kmsMetricsResponse
+type KmsMetricsResponse struct {
+
+	// audit events
+	// Required: true
+	AuditEvents *int64 `json:"auditEvents"`
+
+	// cpus
+	// Required: true
+	Cpus *int64 `json:"cpus"`
+
+	// error events
+	// Required: true
+	ErrorEvents *int64 `json:"errorEvents"`
+
+	// heap alloc
+	// Required: true
+	HeapAlloc *int64 `json:"heapAlloc"`
+
+	// heap objects
+	HeapObjects int64 `json:"heapObjects,omitempty"`
+
+	// latency histogram
+	// Required: true
+	LatencyHistogram *KmsLatencyHistogram `json:"latencyHistogram"`
+
+	// request active
+	// Required: true
+	RequestActive *int64 `json:"requestActive"`
+
+	// request err
+	// Required: true
+	RequestErr *int64 `json:"requestErr"`
+
+	// request fail
+	// Required: true
+	RequestFail *int64 `json:"requestFail"`
+
+	// request o k
+	// Required: true
+	RequestOK *int64 `json:"requestOK"`
+
+	// stack alloc
+	// Required: true
+	StackAlloc *int64 `json:"stackAlloc"`
+
+	// threads
+	// Required: true
+	Threads *int64 `json:"threads"`
+
+	// uptime
+	// Required: true
+	Uptime *int64 `json:"uptime"`
+
+	// usable c p us
+	// Required: true
+	UsableCPUs *int64 `json:"usableCPUs"`
+}
+
+// Validate validates this kms metrics response
+func (m *KmsMetricsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAuditEvents(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateCpus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateErrorEvents(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateHeapAlloc(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateLatencyHistogram(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestActive(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestErr(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestFail(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestOK(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateStackAlloc(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateThreads(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUptime(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUsableCPUs(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateAuditEvents(formats strfmt.Registry) error {
+
+	if err := validate.Required("auditEvents", "body", m.AuditEvents); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateCpus(formats strfmt.Registry) error {
+
+	if err := validate.Required("cpus", "body", m.Cpus); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateErrorEvents(formats strfmt.Registry) error {
+
+	if err := validate.Required("errorEvents", "body", m.ErrorEvents); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateHeapAlloc(formats strfmt.Registry) error {
+
+	if err := validate.Required("heapAlloc", "body", m.HeapAlloc); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateLatencyHistogram(formats strfmt.Registry) error {
+
+	if err := validate.Required("latencyHistogram", "body", m.LatencyHistogram); err != nil {
+		return err
+	}
+
+	if m.LatencyHistogram != nil {
+		if err := m.LatencyHistogram.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("latencyHistogram")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("latencyHistogram")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestActive(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestActive", "body", m.RequestActive); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestErr(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestErr", "body", m.RequestErr); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestFail(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestFail", "body", m.RequestFail); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestOK(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestOK", "body", m.RequestOK); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateStackAlloc(formats strfmt.Registry) error {
+
+	if err := validate.Required("stackAlloc", "body", m.StackAlloc); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateThreads(formats strfmt.Registry) error {
+
+	if err := validate.Required("threads", "body", m.Threads); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateUptime(formats strfmt.Registry) error {
+
+	if err := validate.Required("uptime", "body", m.Uptime); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateUsableCPUs(formats strfmt.Registry) error {
+
+	if err := validate.Required("usableCPUs", "body", m.UsableCPUs); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms metrics response based on the context it is used
+func (m *KmsMetricsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateLatencyHistogram(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsMetricsResponse) contextValidateLatencyHistogram(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.LatencyHistogram != nil {
+		if err := m.LatencyHistogram.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("latencyHistogram")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("latencyHistogram")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsMetricsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsMetricsResponse) UnmarshalBinary(b []byte) error {
+	var res KmsMetricsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_policy_info.go
+++ b/models/kms_policy_info.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsPolicyInfo kms policy info
+//
+// swagger:model kmsPolicyInfo
+type KmsPolicyInfo struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms policy info
+func (m *KmsPolicyInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms policy info based on context it is used
+func (m *KmsPolicyInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsPolicyInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsPolicyInfo) UnmarshalBinary(b []byte) error {
+	var res KmsPolicyInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_set_policy_request.go
+++ b/models/kms_set_policy_request.go
@@ -0,0 +1,94 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// KmsSetPolicyRequest kms set policy request
+//
+// swagger:model kmsSetPolicyRequest
+type KmsSetPolicyRequest struct {
+
+	// allow
+	Allow []string `json:"allow"`
+
+	// deny
+	Deny []string `json:"deny"`
+
+	// policy
+	// Required: true
+	Policy *string `json:"policy"`
+}
+
+// Validate validates this kms set policy request
+func (m *KmsSetPolicyRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validatePolicy(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsSetPolicyRequest) validatePolicy(formats strfmt.Registry) error {
+
+	if err := validate.Required("policy", "body", m.Policy); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this kms set policy request based on context it is used
+func (m *KmsSetPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsSetPolicyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsSetPolicyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsSetPolicyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_status_response.go
+++ b/models/kms_status_response.go
@@ -0,0 +1,139 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsStatusResponse kms status response
+//
+// swagger:model kmsStatusResponse
+type KmsStatusResponse struct {
+
+	// default key ID
+	DefaultKeyID string `json:"defaultKeyID,omitempty"`
+
+	// endpoints
+	Endpoints []*KmsEndpoint `json:"endpoints"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms status response
+func (m *KmsStatusResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateEndpoints(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsStatusResponse) validateEndpoints(formats strfmt.Registry) error {
+	if swag.IsZero(m.Endpoints) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Endpoints); i++ {
+		if swag.IsZero(m.Endpoints[i]) { // not required
+			continue
+		}
+
+		if m.Endpoints[i] != nil {
+			if err := m.Endpoints[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms status response based on the context it is used
+func (m *KmsStatusResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateEndpoints(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsStatusResponse) contextValidateEndpoints(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Endpoints); i++ {
+
+		if m.Endpoints[i] != nil {
+			if err := m.Endpoints[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsStatusResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsStatusResponse) UnmarshalBinary(b []byte) error {
+	var res KmsStatusResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/kms_version_response.go
+++ b/models/kms_version_response.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsVersionResponse kms version response
+//
+// swagger:model kmsVersionResponse
+type KmsVersionResponse struct {
+
+	// version
+	Version string `json:"version,omitempty"`
+}
+
+// Validate validates this kms version response
+func (m *KmsVersionResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms version response based on context it is used
+func (m *KmsVersionResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsVersionResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsVersionResponse) UnmarshalBinary(b []byte) error {
+	var res KmsVersionResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/login_details.go
+++ b/models/login_details.go
@@ -25,6 +25,7 @@ package models
 import (
 	"context"
 	"encoding/json"
+	"strconv"

 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
@@ -37,12 +38,18 @@ import (
 // swagger:model loginDetails
 type LoginDetails struct {

+	// is direct p v
+	IsDirectPV bool `json:"isDirectPV,omitempty"`
+
+	// is k8 s
+	IsK8S bool `json:"isK8S,omitempty"`
+
 	// login strategy
 	// Enum: [form redirect service-account redirect-service-account]
 	LoginStrategy string `json:"loginStrategy,omitempty"`

-	// redirect
-	Redirect string `json:"redirect,omitempty"`
+	// redirect rules
+	RedirectRules []*RedirectRule `json:"redirectRules"`
 }

 // Validate validates this login details
@@ -53,6 +60,10 @@ func (m *LoginDetails) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateRedirectRules(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -107,8 +118,63 @@ func (m *LoginDetails) validateLoginStrategy(formats strfmt.Registry) error {
 	return nil
 }

-// ContextValidate validates this login details based on context it is used
+func (m *LoginDetails) validateRedirectRules(formats strfmt.Registry) error {
+	if swag.IsZero(m.RedirectRules) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.RedirectRules); i++ {
+		if swag.IsZero(m.RedirectRules[i]) { // not required
+			continue
+		}
+
+		if m.RedirectRules[i] != nil {
+			if err := m.RedirectRules[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this login details based on the context it is used
 func (m *LoginDetails) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateRedirectRules(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *LoginDetails) contextValidateRedirectRules(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.RedirectRules); i++ {
+
+		if m.RedirectRules[i] != nil {
+			if err := m.RedirectRules[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
 	return nil
 }

--- a/models/login_response.go
+++ b/models/login_response.go
@@ -34,6 +34,9 @@ import (
 // swagger:model loginResponse
 type LoginResponse struct {

+	// ID p refresh token
+	IDPRefreshToken string `json:"IDPRefreshToken,omitempty"`
+
 	// session Id
 	SessionID string `json:"sessionId,omitempty"`
 }
--- a/models/logout_request.go
+++ b/models/logout_request.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// LogoutRequest logout request
+//
+// swagger:model logoutRequest
+type LogoutRequest struct {
+
+	// state
+	State string `json:"state,omitempty"`
+}
+
+// Validate validates this logout request
+func (m *LogoutRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this logout request based on context it is used
+func (m *LogoutRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LogoutRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LogoutRequest) UnmarshalBinary(b []byte) error {
+	var res LogoutRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_session_response.go
+++ b/models/operator_session_response.go
@@ -37,6 +37,9 @@ import (
 // swagger:model operatorSessionResponse
 type OperatorSessionResponse struct {

+	// direct p v
+	DirectPV bool `json:"directPV,omitempty"`
+
 	// features
 	Features []string `json:"features"`

--- a/models/operator_subnet_api_key.go
+++ b/models/operator_subnet_api_key.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetAPIKey operator subnet API key
+//
+// swagger:model operatorSubnetAPIKey
+type OperatorSubnetAPIKey struct {
+
+	// api key
+	APIKey string `json:"apiKey,omitempty"`
+}
+
+// Validate validates this operator subnet API key
+func (m *OperatorSubnetAPIKey) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet API key based on context it is used
+func (m *OperatorSubnetAPIKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetAPIKey) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetAPIKey) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetAPIKey
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_login_m_f_a_request.go
+++ b/models/operator_subnet_login_m_f_a_request.go
@@ -0,0 +1,122 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// OperatorSubnetLoginMFARequest operator subnet login m f a request
+//
+// swagger:model operatorSubnetLoginMFARequest
+type OperatorSubnetLoginMFARequest struct {
+
+	// mfa token
+	// Required: true
+	MfaToken *string `json:"mfa_token"`
+
+	// otp
+	// Required: true
+	Otp *string `json:"otp"`
+
+	// username
+	// Required: true
+	Username *string `json:"username"`
+}
+
+// Validate validates this operator subnet login m f a request
+func (m *OperatorSubnetLoginMFARequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateMfaToken(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateOtp(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUsername(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateMfaToken(formats strfmt.Registry) error {
+
+	if err := validate.Required("mfa_token", "body", m.MfaToken); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateOtp(formats strfmt.Registry) error {
+
+	if err := validate.Required("otp", "body", m.Otp); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *OperatorSubnetLoginMFARequest) validateUsername(formats strfmt.Registry) error {
+
+	if err := validate.Required("username", "body", m.Username); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this operator subnet login m f a request based on context it is used
+func (m *OperatorSubnetLoginMFARequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginMFARequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginMFARequest) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginMFARequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_login_request.go
+++ b/models/operator_subnet_login_request.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetLoginRequest operator subnet login request
+//
+// swagger:model operatorSubnetLoginRequest
+type OperatorSubnetLoginRequest struct {
+
+	// password
+	Password string `json:"password,omitempty"`
+
+	// username
+	Username string `json:"username,omitempty"`
+}
+
+// Validate validates this operator subnet login request
+func (m *OperatorSubnetLoginRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet login request based on context it is used
+func (m *OperatorSubnetLoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginRequest) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_login_response.go
+++ b/models/operator_subnet_login_response.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetLoginResponse operator subnet login response
+//
+// swagger:model operatorSubnetLoginResponse
+type OperatorSubnetLoginResponse struct {
+
+	// access token
+	AccessToken string `json:"access_token,omitempty"`
+
+	// mfa token
+	MfaToken string `json:"mfa_token,omitempty"`
+}
+
+// Validate validates this operator subnet login response
+func (m *OperatorSubnetLoginResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet login response based on context it is used
+func (m *OperatorSubnetLoginResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetLoginResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetLoginResponse) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetLoginResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/operator_subnet_register_api_key_response.go
+++ b/models/operator_subnet_register_api_key_response.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// OperatorSubnetRegisterAPIKeyResponse operator subnet register API key response
+//
+// swagger:model operatorSubnetRegisterAPIKeyResponse
+type OperatorSubnetRegisterAPIKeyResponse struct {
+
+	// registered
+	Registered bool `json:"registered,omitempty"`
+}
+
+// Validate validates this operator subnet register API key response
+func (m *OperatorSubnetRegisterAPIKeyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this operator subnet register API key response based on context it is used
+func (m *OperatorSubnetRegisterAPIKeyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *OperatorSubnetRegisterAPIKeyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *OperatorSubnetRegisterAPIKeyResponse) UnmarshalBinary(b []byte) error {
+	var res OperatorSubnetRegisterAPIKeyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/principal.go
+++ b/models/principal.go
@@ -46,6 +46,9 @@ type Principal struct {
 	// account access key
 	AccountAccessKey string `json:"accountAccessKey,omitempty"`

+	// custom style ob
+	CustomStyleOb string `json:"customStyleOb,omitempty"`
+
 	// hm
 	Hm bool `json:"hm,omitempty"`

--- a/models/csi_format_error_response.go
+++ b/models/csi_format_error_response.go
@@ -29,10 +29,10 @@ import (
 	"github.com/go-openapi/swag"
 )

-// CsiFormatErrorResponse csi format error response
+// PvFormatErrorResponse pv format error response
 //
-// swagger:model csiFormatErrorResponse
-type CsiFormatErrorResponse struct {
+// swagger:model pvFormatErrorResponse
+type PvFormatErrorResponse struct {

 	// drive
 	Drive string `json:"drive,omitempty"`
@@ -44,18 +44,18 @@ type CsiFormatErrorResponse struct {
 	Node string `json:"node,omitempty"`
 }

-// Validate validates this csi format error response
-func (m *CsiFormatErrorResponse) Validate(formats strfmt.Registry) error {
+// Validate validates this pv format error response
+func (m *PvFormatErrorResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }

-// ContextValidate validates this csi format error response based on context it is used
-func (m *CsiFormatErrorResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+// ContextValidate validates this pv format error response based on context it is used
+func (m *PvFormatErrorResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }

 // MarshalBinary interface implementation
-func (m *CsiFormatErrorResponse) MarshalBinary() ([]byte, error) {
+func (m *PvFormatErrorResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@@ -63,8 +63,8 @@ func (m *CsiFormatErrorResponse) MarshalBinary() ([]byte, error) {
 }

 // UnmarshalBinary interface implementation
-func (m *CsiFormatErrorResponse) UnmarshalBinary(b []byte) error {
-	var res CsiFormatErrorResponse
+func (m *PvFormatErrorResponse) UnmarshalBinary(b []byte) error {
+	var res PvFormatErrorResponse
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/models/redirect_rule.go
+++ b/models/redirect_rule.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// RedirectRule redirect rule
+//
+// swagger:model redirectRule
+type RedirectRule struct {
+
+	// display name
+	DisplayName string `json:"displayName,omitempty"`
+
+	// redirect
+	Redirect string `json:"redirect,omitempty"`
+}
+
+// Validate validates this redirect rule
+func (m *RedirectRule) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this redirect rule based on context it is used
+func (m *RedirectRule) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *RedirectRule) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *RedirectRule) UnmarshalBinary(b []byte) error {
+	var res RedirectRule
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/rewind_item.go
+++ b/models/rewind_item.go
@@ -40,6 +40,9 @@ type RewindItem struct {
 	// delete flag
 	DeleteFlag bool `json:"delete_flag,omitempty"`

+	// is latest
+	IsLatest bool `json:"is_latest,omitempty"`
+
 	// last modified
 	LastModified string `json:"last_modified,omitempty"`

--- a/models/security_context.go
+++ b/models/security_context.go
@@ -37,8 +37,10 @@ import (
 type SecurityContext struct {

 	// fs group
-	// Required: true
-	FsGroup *string `json:"fsGroup"`
+	FsGroup string `json:"fsGroup,omitempty"`
+
+	// fs group change policy
+	FsGroupChangePolicy string `json:"fsGroupChangePolicy,omitempty"`

 	// run as group
 	// Required: true
@@ -57,10 +59,6 @@ type SecurityContext struct {
 func (m *SecurityContext) Validate(formats strfmt.Registry) error {
 	var res []error

-	if err := m.validateFsGroup(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateRunAsGroup(formats); err != nil {
 		res = append(res, err)
 	}
@@ -79,15 +77,6 @@ func (m *SecurityContext) Validate(formats strfmt.Registry) error {
 	return nil
 }

-func (m *SecurityContext) validateFsGroup(formats strfmt.Registry) error {
-
-	if err := validate.Required("fsGroup", "body", m.FsGroup); err != nil {
-		return err
-	}
-
-	return nil
-}
-
 func (m *SecurityContext) validateRunAsGroup(formats strfmt.Registry) error {

 	if err := validate.Required("runAsGroup", "body", m.RunAsGroup); err != nil {
--- a/models/session_response.go
+++ b/models/session_response.go
@@ -41,9 +41,15 @@ type SessionResponse struct {
 	// allow resources
 	AllowResources []*PermissionResource `json:"allowResources"`

+	// custom styles
+	CustomStyles string `json:"customStyles,omitempty"`
+
 	// distributed mode
 	DistributedMode bool `json:"distributedMode,omitempty"`

+	// env constants
+	EnvConstants *EnvironmentConstants `json:"envConstants,omitempty"`
+
 	// features
 	Features []string `json:"features"`

@@ -53,6 +59,9 @@ type SessionResponse struct {
 	// permissions
 	Permissions map[string][]string `json:"permissions,omitempty"`

+	// server end point
+	ServerEndPoint string `json:"serverEndPoint,omitempty"`
+
 	// status
 	// Enum: [ok]
 	Status string `json:"status,omitempty"`
@@ -66,6 +75,10 @@ func (m *SessionResponse) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateEnvConstants(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateStatus(formats); err != nil {
 		res = append(res, err)
 	}
@@ -102,6 +115,25 @@ func (m *SessionResponse) validateAllowResources(formats strfmt.Registry) error
 	return nil
 }

+func (m *SessionResponse) validateEnvConstants(formats strfmt.Registry) error {
+	if swag.IsZero(m.EnvConstants) { // not required
+		return nil
+	}
+
+	if m.EnvConstants != nil {
+		if err := m.EnvConstants.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("envConstants")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("envConstants")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 var sessionResponseTypeStatusPropEnum []interface{}

 func init() {
@@ -149,6 +181,10 @@ func (m *SessionResponse) ContextValidate(ctx context.Context, formats strfmt.Re
 		res = append(res, err)
 	}

+	if err := m.contextValidateEnvConstants(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -175,6 +211,22 @@ func (m *SessionResponse) contextValidateAllowResources(ctx context.Context, for
 	return nil
 }

+func (m *SessionResponse) contextValidateEnvConstants(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.EnvConstants != nil {
+		if err := m.EnvConstants.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("envConstants")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("envConstants")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *SessionResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
--- a/models/set_administrators_request.go
+++ b/models/set_administrators_request.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetAdministratorsRequest set administrators request
+//
+// swagger:model setAdministratorsRequest
+type SetAdministratorsRequest struct {
+
+	// group dns
+	GroupDNS []string `json:"group_dns"`
+
+	// user dns
+	UserDNS []string `json:"user_dns"`
+}
+
+// Validate validates this set administrators request
+func (m *SetAdministratorsRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this set administrators request based on context it is used
+func (m *SetAdministratorsRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetAdministratorsRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetAdministratorsRequest) UnmarshalBinary(b []byte) error {
+	var res SetAdministratorsRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/set_id_p_response.go
+++ b/models/set_id_p_response.go
@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetIDPResponse set ID p response
+//
+// swagger:model setIDPResponse
+type SetIDPResponse struct {
+
+	// restart
+	Restart bool `json:"restart,omitempty"`
+}
+
+// Validate validates this set ID p response
+func (m *SetIDPResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this set ID p response based on context it is used
+func (m *SetIDPResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetIDPResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetIDPResponse) UnmarshalBinary(b []byte) error {
+	var res SetIDPResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/tenant_configuration_response.go
+++ b/models/tenant_configuration_response.go
@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// TenantConfigurationResponse tenant configuration response
+//
+// swagger:model tenantConfigurationResponse
+type TenantConfigurationResponse struct {
+
+	// environment variables
+	EnvironmentVariables []*EnvironmentVariable `json:"environmentVariables"`
+}
+
+// Validate validates this tenant configuration response
+func (m *TenantConfigurationResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateEnvironmentVariables(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *TenantConfigurationResponse) validateEnvironmentVariables(formats strfmt.Registry) error {
+	if swag.IsZero(m.EnvironmentVariables) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.EnvironmentVariables); i++ {
+		if swag.IsZero(m.EnvironmentVariables[i]) { // not required
+			continue
+		}
+
+		if m.EnvironmentVariables[i] != nil {
+			if err := m.EnvironmentVariables[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this tenant configuration response based on the context it is used
+func (m *TenantConfigurationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateEnvironmentVariables(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *TenantConfigurationResponse) contextValidateEnvironmentVariables(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.EnvironmentVariables); i++ {
+
+		if m.EnvironmentVariables[i] != nil {
+			if err := m.EnvironmentVariables[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *TenantConfigurationResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *TenantConfigurationResponse) UnmarshalBinary(b []byte) error {
+	var res TenantConfigurationResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/tenant_security_response.go
+++ b/models/tenant_security_response.go
@@ -41,6 +41,9 @@ type TenantSecurityResponse struct {

 	// custom certificates
 	CustomCertificates *TenantSecurityResponseCustomCertificates `json:"customCertificates,omitempty"`
+
+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 }

 // Validate validates this tenant security response
@@ -51,6 +54,10 @@ func (m *TenantSecurityResponse) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -76,6 +83,25 @@ func (m *TenantSecurityResponse) validateCustomCertificates(formats strfmt.Regis
 	return nil
 }

+func (m *TenantSecurityResponse) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this tenant security response based on the context it is used
 func (m *TenantSecurityResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -84,6 +110,10 @@ func (m *TenantSecurityResponse) ContextValidate(ctx context.Context, formats st
 		res = append(res, err)
 	}

+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -106,6 +136,22 @@ func (m *TenantSecurityResponse) contextValidateCustomCertificates(ctx context.C
 	return nil
 }

+func (m *TenantSecurityResponse) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *TenantSecurityResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -129,6 +175,9 @@ func (m *TenantSecurityResponse) UnmarshalBinary(b []byte) error {
 // swagger:model TenantSecurityResponseCustomCertificates
 type TenantSecurityResponseCustomCertificates struct {

+	// client
+	Client []*CertificateInfo `json:"client"`
+
 	// minio
 	Minio []*CertificateInfo `json:"minio"`

@@ -140,6 +189,10 @@ type TenantSecurityResponseCustomCertificates struct {
 func (m *TenantSecurityResponseCustomCertificates) Validate(formats strfmt.Registry) error {
 	var res []error

+	if err := m.validateClient(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateMinio(formats); err != nil {
 		res = append(res, err)
 	}
@@ -154,6 +207,32 @@ func (m *TenantSecurityResponseCustomCertificates) Validate(formats strfmt.Regis
 	return nil
 }

+func (m *TenantSecurityResponseCustomCertificates) validateClient(formats strfmt.Registry) error {
+	if swag.IsZero(m.Client) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Client); i++ {
+		if swag.IsZero(m.Client[i]) { // not required
+			continue
+		}
+
+		if m.Client[i] != nil {
+			if err := m.Client[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("customCertificates" + "." + "client" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("customCertificates" + "." + "client" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *TenantSecurityResponseCustomCertificates) validateMinio(formats strfmt.Registry) error {
 	if swag.IsZero(m.Minio) { // not required
 		return nil
@@ -210,6 +289,10 @@ func (m *TenantSecurityResponseCustomCertificates) validateMinioCAs(formats strf
 func (m *TenantSecurityResponseCustomCertificates) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

+	if err := m.contextValidateClient(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateMinio(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -224,6 +307,26 @@ func (m *TenantSecurityResponseCustomCertificates) ContextValidate(ctx context.C
 	return nil
 }

+func (m *TenantSecurityResponseCustomCertificates) contextValidateClient(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Client); i++ {
+
+		if m.Client[i] != nil {
+			if err := m.Client[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("customCertificates" + "." + "client" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("customCertificates" + "." + "client" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
 func (m *TenantSecurityResponseCustomCertificates) contextValidateMinio(ctx context.Context, formats strfmt.Registry) error {

 	for i := 0; i < len(m.Minio); i++ {
--- a/models/tier.go
+++ b/models/tier.go
@@ -43,11 +43,17 @@ type Tier struct {
 	// gcs
 	Gcs *TierGcs `json:"gcs,omitempty"`

+	// minio
+	Minio *TierMinio `json:"minio,omitempty"`
+
 	// s3
 	S3 *TierS3 `json:"s3,omitempty"`

+	// status
+	Status bool `json:"status,omitempty"`
+
 	// type
-	// Enum: [s3 gcs azure unsupported]
+	// Enum: [s3 gcs azure minio unsupported]
 	Type string `json:"type,omitempty"`
 }

@@ -63,6 +69,10 @@ func (m *Tier) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateMinio(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateS3(formats); err != nil {
 		res = append(res, err)
 	}
@@ -115,6 +125,25 @@ func (m *Tier) validateGcs(formats strfmt.Registry) error {
 	return nil
 }

+func (m *Tier) validateMinio(formats strfmt.Registry) error {
+	if swag.IsZero(m.Minio) { // not required
+		return nil
+	}
+
+	if m.Minio != nil {
+		if err := m.Minio.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *Tier) validateS3(formats strfmt.Registry) error {
 	if swag.IsZero(m.S3) { // not required
 		return nil
@@ -138,7 +167,7 @@ var tierTypeTypePropEnum []interface{}

 func init() {
 	var res []string
-	if err := json.Unmarshal([]byte(`["s3","gcs","azure","unsupported"]`), &res); err != nil {
+	if err := json.Unmarshal([]byte(`["s3","gcs","azure","minio","unsupported"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
@@ -157,6 +186,9 @@ const (
 	// TierTypeAzure captures enum value "azure"
 	TierTypeAzure string = "azure"

+	// TierTypeMinio captures enum value "minio"
+	TierTypeMinio string = "minio"
+
 	// TierTypeUnsupported captures enum value "unsupported"
 	TierTypeUnsupported string = "unsupported"
 )
@@ -194,6 +226,10 @@ func (m *Tier) ContextValidate(ctx context.Context, formats strfmt.Registry) err
 		res = append(res, err)
 	}

+	if err := m.contextValidateMinio(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateS3(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -236,6 +272,22 @@ func (m *Tier) contextValidateGcs(ctx context.Context, formats strfmt.Registry)
 	return nil
 }

+func (m *Tier) contextValidateMinio(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Minio != nil {
+		if err := m.Minio.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *Tier) contextValidateS3(ctx context.Context, formats strfmt.Registry) error {

 	if m.S3 != nil {
--- a/models/tier_minio.go
+++ b/models/tier_minio.go
@@ -0,0 +1,97 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// TierMinio tier minio
+//
+// swagger:model tier_minio
+type TierMinio struct {
+
+	// accesskey
+	Accesskey string `json:"accesskey,omitempty"`
+
+	// bucket
+	Bucket string `json:"bucket,omitempty"`
+
+	// endpoint
+	Endpoint string `json:"endpoint,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// objects
+	Objects string `json:"objects,omitempty"`
+
+	// prefix
+	Prefix string `json:"prefix,omitempty"`
+
+	// region
+	Region string `json:"region,omitempty"`
+
+	// secretkey
+	Secretkey string `json:"secretkey,omitempty"`
+
+	// storageclass
+	Storageclass string `json:"storageclass,omitempty"`
+
+	// usage
+	Usage string `json:"usage,omitempty"`
+
+	// versions
+	Versions string `json:"versions,omitempty"`
+}
+
+// Validate validates this tier minio
+func (m *TierMinio) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this tier minio based on context it is used
+func (m *TierMinio) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *TierMinio) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *TierMinio) UnmarshalBinary(b []byte) error {
+	var res TierMinio
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/tls_configuration.go
+++ b/models/tls_configuration.go
@@ -36,18 +36,25 @@ import (
 // swagger:model tlsConfiguration
 type TLSConfiguration struct {

-	// ca certificates
-	CaCertificates []string `json:"ca_certificates"`
+	// minio c as certificates
+	MinioCAsCertificates []string `json:"minioCAsCertificates"`

-	// minio
-	Minio []*KeyPairConfiguration `json:"minio"`
+	// minio client certificates
+	MinioClientCertificates []*KeyPairConfiguration `json:"minioClientCertificates"`
+
+	// minio server certificates
+	MinioServerCertificates []*KeyPairConfiguration `json:"minioServerCertificates"`
 }

 // Validate validates this tls configuration
 func (m *TLSConfiguration) Validate(formats strfmt.Registry) error {
 	var res []error

-	if err := m.validateMinio(formats); err != nil {
+	if err := m.validateMinioClientCertificates(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinioServerCertificates(formats); err != nil {
 		res = append(res, err)
 	}

@@ -57,22 +64,48 @@ func (m *TLSConfiguration) Validate(formats strfmt.Registry) error {
 	return nil
 }

-func (m *TLSConfiguration) validateMinio(formats strfmt.Registry) error {
-	if swag.IsZero(m.Minio) { // not required
+func (m *TLSConfiguration) validateMinioClientCertificates(formats strfmt.Registry) error {
+	if swag.IsZero(m.MinioClientCertificates) { // not required
 		return nil
 	}

-	for i := 0; i < len(m.Minio); i++ {
-		if swag.IsZero(m.Minio[i]) { // not required
+	for i := 0; i < len(m.MinioClientCertificates); i++ {
+		if swag.IsZero(m.MinioClientCertificates[i]) { // not required
 			continue
 		}

-		if m.Minio[i] != nil {
-			if err := m.Minio[i].Validate(formats); err != nil {
+		if m.MinioClientCertificates[i] != nil {
+			if err := m.MinioClientCertificates[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("minio" + "." + strconv.Itoa(i))
+					return ve.ValidateName("minioClientCertificates" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
-					return ce.ValidateName("minio" + "." + strconv.Itoa(i))
+					return ce.ValidateName("minioClientCertificates" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *TLSConfiguration) validateMinioServerCertificates(formats strfmt.Registry) error {
+	if swag.IsZero(m.MinioServerCertificates) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.MinioServerCertificates); i++ {
+		if swag.IsZero(m.MinioServerCertificates[i]) { // not required
+			continue
+		}
+
+		if m.MinioServerCertificates[i] != nil {
+			if err := m.MinioServerCertificates[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("minioServerCertificates" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("minioServerCertificates" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -87,7 +120,11 @@ func (m *TLSConfiguration) validateMinio(formats strfmt.Registry) error {
 func (m *TLSConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

-	if err := m.contextValidateMinio(ctx, formats); err != nil {
+	if err := m.contextValidateMinioClientCertificates(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMinioServerCertificates(ctx, formats); err != nil {
 		res = append(res, err)
 	}

@@ -97,16 +134,36 @@ func (m *TLSConfiguration) ContextValidate(ctx context.Context, formats strfmt.R
 	return nil
 }

-func (m *TLSConfiguration) contextValidateMinio(ctx context.Context, formats strfmt.Registry) error {
+func (m *TLSConfiguration) contextValidateMinioClientCertificates(ctx context.Context, formats strfmt.Registry) error {

-	for i := 0; i < len(m.Minio); i++ {
+	for i := 0; i < len(m.MinioClientCertificates); i++ {

-		if m.Minio[i] != nil {
-			if err := m.Minio[i].ContextValidate(ctx, formats); err != nil {
+		if m.MinioClientCertificates[i] != nil {
+			if err := m.MinioClientCertificates[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("minio" + "." + strconv.Itoa(i))
+					return ve.ValidateName("minioClientCertificates" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
-					return ce.ValidateName("minio" + "." + strconv.Itoa(i))
+					return ce.ValidateName("minioClientCertificates" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *TLSConfiguration) contextValidateMinioServerCertificates(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.MinioServerCertificates); i++ {
+
+		if m.MinioServerCertificates[i] != nil {
+			if err := m.MinioServerCertificates[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("minioServerCertificates" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("minioServerCertificates" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
--- a/models/update_tenant_configuration_request.go
+++ b/models/update_tenant_configuration_request.go
@@ -0,0 +1,136 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// UpdateTenantConfigurationRequest update tenant configuration request
+//
+// swagger:model updateTenantConfigurationRequest
+type UpdateTenantConfigurationRequest struct {
+
+	// environment variables
+	EnvironmentVariables []*EnvironmentVariable `json:"environmentVariables"`
+
+	// keys to be deleted
+	KeysToBeDeleted []string `json:"keysToBeDeleted"`
+}
+
+// Validate validates this update tenant configuration request
+func (m *UpdateTenantConfigurationRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateEnvironmentVariables(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *UpdateTenantConfigurationRequest) validateEnvironmentVariables(formats strfmt.Registry) error {
+	if swag.IsZero(m.EnvironmentVariables) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.EnvironmentVariables); i++ {
+		if swag.IsZero(m.EnvironmentVariables[i]) { // not required
+			continue
+		}
+
+		if m.EnvironmentVariables[i] != nil {
+			if err := m.EnvironmentVariables[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this update tenant configuration request based on the context it is used
+func (m *UpdateTenantConfigurationRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateEnvironmentVariables(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *UpdateTenantConfigurationRequest) contextValidateEnvironmentVariables(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.EnvironmentVariables); i++ {
+
+		if m.EnvironmentVariables[i] != nil {
+			if err := m.EnvironmentVariables[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("environmentVariables" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *UpdateTenantConfigurationRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *UpdateTenantConfigurationRequest) UnmarshalBinary(b []byte) error {
+	var res UpdateTenantConfigurationRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}
--- a/models/update_tenant_security_request.go
+++ b/models/update_tenant_security_request.go
@@ -41,6 +41,9 @@ type UpdateTenantSecurityRequest struct {

 	// custom certificates
 	CustomCertificates *UpdateTenantSecurityRequestCustomCertificates `json:"customCertificates,omitempty"`
+
+	// security context
+	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 }

 // Validate validates this update tenant security request
@@ -51,6 +54,10 @@ func (m *UpdateTenantSecurityRequest) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

+	if err := m.validateSecurityContext(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -76,6 +83,25 @@ func (m *UpdateTenantSecurityRequest) validateCustomCertificates(formats strfmt.
 	return nil
 }

+func (m *UpdateTenantSecurityRequest) validateSecurityContext(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecurityContext) { // not required
+		return nil
+	}
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // ContextValidate validate this update tenant security request based on the context it is used
 func (m *UpdateTenantSecurityRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -84,6 +110,10 @@ func (m *UpdateTenantSecurityRequest) ContextValidate(ctx context.Context, forma
 		res = append(res, err)
 	}

+	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -106,6 +136,22 @@ func (m *UpdateTenantSecurityRequest) contextValidateCustomCertificates(ctx cont
 	return nil
 }

+func (m *UpdateTenantSecurityRequest) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.SecurityContext != nil {
+		if err := m.SecurityContext.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("securityContext")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("securityContext")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 // MarshalBinary interface implementation
 func (m *UpdateTenantSecurityRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -129,11 +175,14 @@ func (m *UpdateTenantSecurityRequest) UnmarshalBinary(b []byte) error {
 // swagger:model UpdateTenantSecurityRequestCustomCertificates
 type UpdateTenantSecurityRequestCustomCertificates struct {

-	// minio
-	Minio []*KeyPairConfiguration `json:"minio"`
+	// minio c as certificates
+	MinioCAsCertificates []string `json:"minioCAsCertificates"`

-	// minio c as
-	MinioCAs []string `json:"minioCAs"`
+	// minio client certificates
+	MinioClientCertificates []*KeyPairConfiguration `json:"minioClientCertificates"`
+
+	// minio server certificates
+	MinioServerCertificates []*KeyPairConfiguration `json:"minioServerCertificates"`

 	// secrets to be deleted
 	SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
@@ -143,7 +192,11 @@ type UpdateTenantSecurityRequestCustomCertificates struct {
 func (m *UpdateTenantSecurityRequestCustomCertificates) Validate(formats strfmt.Registry) error {
 	var res []error

-	if err := m.validateMinio(formats); err != nil {
+	if err := m.validateMinioClientCertificates(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinioServerCertificates(formats); err != nil {
 		res = append(res, err)
 	}

@@ -153,22 +206,48 @@ func (m *UpdateTenantSecurityRequestCustomCertificates) Validate(formats strfmt.
 	return nil
 }

-func (m *UpdateTenantSecurityRequestCustomCertificates) validateMinio(formats strfmt.Registry) error {
-	if swag.IsZero(m.Minio) { // not required
+func (m *UpdateTenantSecurityRequestCustomCertificates) validateMinioClientCertificates(formats strfmt.Registry) error {
+	if swag.IsZero(m.MinioClientCertificates) { // not required
 		return nil
 	}

-	for i := 0; i < len(m.Minio); i++ {
-		if swag.IsZero(m.Minio[i]) { // not required
+	for i := 0; i < len(m.MinioClientCertificates); i++ {
+		if swag.IsZero(m.MinioClientCertificates[i]) { // not required
 			continue
 		}

-		if m.Minio[i] != nil {
-			if err := m.Minio[i].Validate(formats); err != nil {
+		if m.MinioClientCertificates[i] != nil {
+			if err := m.MinioClientCertificates[i].Validate(formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
+					return ve.ValidateName("customCertificates" + "." + "minioClientCertificates" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
-					return ce.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
+					return ce.ValidateName("customCertificates" + "." + "minioClientCertificates" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *UpdateTenantSecurityRequestCustomCertificates) validateMinioServerCertificates(formats strfmt.Registry) error {
+	if swag.IsZero(m.MinioServerCertificates) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.MinioServerCertificates); i++ {
+		if swag.IsZero(m.MinioServerCertificates[i]) { // not required
+			continue
+		}
+
+		if m.MinioServerCertificates[i] != nil {
+			if err := m.MinioServerCertificates[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("customCertificates" + "." + "minioServerCertificates" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("customCertificates" + "." + "minioServerCertificates" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
@@ -183,7 +262,11 @@ func (m *UpdateTenantSecurityRequestCustomCertificates) validateMinio(formats st
 func (m *UpdateTenantSecurityRequestCustomCertificates) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error

-	if err := m.contextValidateMinio(ctx, formats); err != nil {
+	if err := m.contextValidateMinioClientCertificates(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMinioServerCertificates(ctx, formats); err != nil {
 		res = append(res, err)
 	}

@@ -193,16 +276,36 @@ func (m *UpdateTenantSecurityRequestCustomCertificates) ContextValidate(ctx cont
 	return nil
 }

-func (m *UpdateTenantSecurityRequestCustomCertificates) contextValidateMinio(ctx context.Context, formats strfmt.Registry) error {
+func (m *UpdateTenantSecurityRequestCustomCertificates) contextValidateMinioClientCertificates(ctx context.Context, formats strfmt.Registry) error {

-	for i := 0; i < len(m.Minio); i++ {
+	for i := 0; i < len(m.MinioClientCertificates); i++ {

-		if m.Minio[i] != nil {
-			if err := m.Minio[i].ContextValidate(ctx, formats); err != nil {
+		if m.MinioClientCertificates[i] != nil {
+			if err := m.MinioClientCertificates[i].ContextValidate(ctx, formats); err != nil {
 				if ve, ok := err.(*errors.Validation); ok {
-					return ve.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
+					return ve.ValidateName("customCertificates" + "." + "minioClientCertificates" + "." + strconv.Itoa(i))
 				} else if ce, ok := err.(*errors.CompositeError); ok {
-					return ce.ValidateName("customCertificates" + "." + "minio" + "." + strconv.Itoa(i))
+					return ce.ValidateName("customCertificates" + "." + "minioClientCertificates" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (m *UpdateTenantSecurityRequestCustomCertificates) contextValidateMinioServerCertificates(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.MinioServerCertificates); i++ {
+
+		if m.MinioServerCertificates[i] != nil {
+			if err := m.MinioServerCertificates[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("customCertificates" + "." + "minioServerCertificates" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("customCertificates" + "." + "minioServerCertificates" + "." + strconv.Itoa(i))
 				}
 				return err
 			}
--- a/models/vault_configuration.go
+++ b/models/vault_configuration.go
@@ -55,9 +55,6 @@ type VaultConfiguration struct {

 	// status
 	Status *VaultConfigurationStatus `json:"status,omitempty"`
-
-	// tls
-	TLS *VaultConfigurationTLS `json:"tls,omitempty"`
 }

 // Validate validates this vault configuration
@@ -76,10 +73,6 @@ func (m *VaultConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -134,25 +127,6 @@ func (m *VaultConfiguration) validateStatus(formats strfmt.Registry) error {
 	return nil
 }

-func (m *VaultConfiguration) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this vault configuration based on the context it is used
 func (m *VaultConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -165,10 +139,6 @@ func (m *VaultConfiguration) ContextValidate(ctx context.Context, formats strfmt
 		res = append(res, err)
 	}

-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -207,22 +177,6 @@ func (m *VaultConfiguration) contextValidateStatus(ctx context.Context, formats
 	return nil
 }

-func (m *VaultConfiguration) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *VaultConfiguration) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -356,46 +310,3 @@ func (m *VaultConfigurationStatus) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
-
-// VaultConfigurationTLS vault configuration TLS
-//
-// swagger:model VaultConfigurationTLS
-type VaultConfigurationTLS struct {
-
-	// ca
-	Ca string `json:"ca,omitempty"`
-
-	// crt
-	Crt string `json:"crt,omitempty"`
-
-	// key
-	Key string `json:"key,omitempty"`
-}
-
-// Validate validates this vault configuration TLS
-func (m *VaultConfigurationTLS) Validate(formats strfmt.Registry) error {
-	return nil
-}
-
-// ContextValidate validates this vault configuration TLS based on context it is used
-func (m *VaultConfigurationTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *VaultConfigurationTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *VaultConfigurationTLS) UnmarshalBinary(b []byte) error {
-	var res VaultConfigurationTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
--- a/models/vault_configuration_response.go
+++ b/models/vault_configuration_response.go
@@ -55,9 +55,6 @@ type VaultConfigurationResponse struct {

 	// status
 	Status *VaultConfigurationResponseStatus `json:"status,omitempty"`
-
-	// tls
-	TLS *VaultConfigurationResponseTLS `json:"tls,omitempty"`
 }

 // Validate validates this vault configuration response
@@ -76,10 +73,6 @@ func (m *VaultConfigurationResponse) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}

-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -134,25 +127,6 @@ func (m *VaultConfigurationResponse) validateStatus(formats strfmt.Registry) err
 	return nil
 }

-func (m *VaultConfigurationResponse) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this vault configuration response based on the context it is used
 func (m *VaultConfigurationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -165,10 +139,6 @@ func (m *VaultConfigurationResponse) ContextValidate(ctx context.Context, format
 		res = append(res, err)
 	}

-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -207,22 +177,6 @@ func (m *VaultConfigurationResponse) contextValidateStatus(ctx context.Context,
 	return nil
 }

-func (m *VaultConfigurationResponse) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *VaultConfigurationResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -356,139 +310,3 @@ func (m *VaultConfigurationResponseStatus) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
-
-// VaultConfigurationResponseTLS vault configuration response TLS
-//
-// swagger:model VaultConfigurationResponseTLS
-type VaultConfigurationResponseTLS struct {
-
-	// ca
-	Ca *CertificateInfo `json:"ca,omitempty"`
-
-	// crt
-	Crt *CertificateInfo `json:"crt,omitempty"`
-}
-
-// Validate validates this vault configuration response TLS
-func (m *VaultConfigurationResponseTLS) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCa(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateCrt(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) validateCa(formats strfmt.Registry) error {
-	if swag.IsZero(m.Ca) { // not required
-		return nil
-	}
-
-	if m.Ca != nil {
-		if err := m.Ca.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) validateCrt(formats strfmt.Registry) error {
-	if swag.IsZero(m.Crt) { // not required
-		return nil
-	}
-
-	if m.Crt != nil {
-		if err := m.Crt.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "crt")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "crt")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this vault configuration response TLS based on the context it is used
-func (m *VaultConfigurationResponseTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCa(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.contextValidateCrt(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Ca != nil {
-		if err := m.Ca.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) contextValidateCrt(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Crt != nil {
-		if err := m.Crt.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "crt")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "crt")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *VaultConfigurationResponseTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *VaultConfigurationResponseTLS) UnmarshalBinary(b []byte) error {
-	var res VaultConfigurationResponseTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}
--- a/operatorapi/config.go
+++ b/operatorapi/config.go
@@ -69,3 +69,10 @@ func getK8sSAToken() string {
 func getMarketplace() string {
 	return env.Get(ConsoleMarketplace, "")
 }
+
+// Get DirectPVMode
+func getDirectPVEnabled() bool {
+	currentMode := env.Get(DirectPVMode, "off")
+
+	return currentMode == "on"
+}
--- a/operatorapi/configure_operator.go
+++ b/operatorapi/configure_operator.go
@@ -89,7 +89,12 @@ func configureAPI(api *operations.OperatorAPI) http.Handler {
 	registerVolumesHandlers(api)
 	// Namespaces handlers
 	registerNamespaceHandlers(api)
+	// Marketplace handlers
 	registerMarketplaceHandlers(api)
+	// Subnet handlers
+	registerOperatorSubnetHandlers(api)
+	// Direct PV handlers
+	registerDirectPVHandlers(api)

 	api.PreServerShutdown = func() {}

--- a/operatorapi/consts.go
+++ b/operatorapi/consts.go
@@ -25,6 +25,9 @@ const (
 	prometheusPath   = "prometheus.io/path"
 	prometheusPort   = "prometheus.io/port"
 	prometheusScrape = "prometheus.io/scrape"
+
+	// Constants for DirectPV
+	DirectPVMode = "DIRECTPV_MODE"
 )

 // Image versions
--- a/operatorapi/directpv.go
+++ b/operatorapi/directpv.go
@@ -0,0 +1,328 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+	"errors"
+	"sort"
+	"strings"
+
+	"github.com/minio/directpv/pkg/utils"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/minio/console/cluster"
+	"github.com/minio/console/models"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/operatorapi/operations/operator_api"
+	xerrors "github.com/minio/console/restapi"
+	directcsi "github.com/minio/directpv/pkg/apis/direct.csi.min.io/v1beta4"
+	"github.com/minio/directpv/pkg/sys"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+const XFS = "xfs"
+
+func registerDirectPVHandlers(api *operations.OperatorAPI) {
+	api.OperatorAPIGetDirectPVDriveListHandler = operator_api.GetDirectPVDriveListHandlerFunc(func(params operator_api.GetDirectPVDriveListParams, session *models.Principal) middleware.Responder {
+		resp, err := getDirectPVDrivesListResponse(session)
+		if err != nil {
+			return operator_api.NewGetDirectPVDriveListDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewGetDirectPVDriveListOK().WithPayload(resp)
+	})
+	api.OperatorAPIGetDirectPVVolumeListHandler = operator_api.GetDirectPVVolumeListHandlerFunc(func(params operator_api.GetDirectPVVolumeListParams, session *models.Principal) middleware.Responder {
+		resp, err := getDirectPVVolumesListResponse(session)
+		if err != nil {
+			return operator_api.NewGetDirectPVVolumeListDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewGetDirectPVVolumeListOK().WithPayload(resp)
+	})
+	api.OperatorAPIDirectPVFormatDriveHandler = operator_api.DirectPVFormatDriveHandlerFunc(func(params operator_api.DirectPVFormatDriveParams, session *models.Principal) middleware.Responder {
+		resp, err := formatVolumesResponse(session, params)
+		if err != nil {
+			return operator_api.NewDirectPVFormatDriveDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewDirectPVFormatDriveOK().WithPayload(resp)
+	})
+}
+
+// getDirectPVVolumesList returns directPV drives
+func getDirectPVDriveList(ctx context.Context, driveInterface DirectPVDrivesClientI) (*models.GetDirectPVDriveListResponse, error) {
+	drivesList, err := driveInterface.List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+	res := &models.GetDirectPVDriveListResponse{}
+
+	// implementation same as directPV `drives ls` command
+	driveName := func(val string) string {
+		dr := strings.ReplaceAll(val, sys.DirectCSIDevRoot+"/", "")
+		dr = strings.ReplaceAll(dr, sys.HostDevRoot+"/", "")
+		return strings.ReplaceAll(dr, sys.DirectCSIPartitionInfix, "")
+	}
+	drivesSorted := drivesList.Items
+	// sort by nodename, path and status
+	sort.Slice(drivesSorted, func(i, j int) bool {
+		d1 := drivesSorted[i]
+		d2 := drivesSorted[j]
+
+		if v := strings.Compare(d1.Status.NodeName, d2.Status.NodeName); v != 0 {
+			return v < 0
+		}
+
+		if v := strings.Compare(d1.Status.Path, d2.Status.Path); v != 0 {
+			return v < 0
+		}
+
+		return strings.Compare(string(d1.Status.DriveStatus), string(d2.Status.DriveStatus)) < 0
+	})
+
+	for _, d := range drivesSorted {
+		volumes := 0
+
+		if len(d.Finalizers) > 1 {
+			volumes = len(d.Finalizers) - 1
+		}
+
+		dr := driveName(d.Status.Path)
+		dr = strings.ReplaceAll("/dev/"+dr, sys.DirectCSIPartitionInfix, "")
+
+		status := d.Status.DriveStatus
+		msg := ""
+		for _, c := range d.Status.Conditions {
+			switch c.Type {
+			case string(directcsi.DirectCSIDriveConditionInitialized), string(directcsi.DirectCSIDriveConditionOwned), string(directcsi.DirectCSIDriveConditionReady):
+				if c.Status != metav1.ConditionTrue {
+					msg = c.Message
+					if msg != "" {
+						status = d.Status.DriveStatus + "*"
+						msg = strings.ReplaceAll(msg, d.Name, "")
+						msg = strings.ReplaceAll(msg, sys.DirectCSIDevRoot, "/dev")
+						msg = strings.ReplaceAll(msg, sys.DirectCSIPartitionInfix, "")
+						msg = strings.Split(msg, "\n")[0]
+					}
+				}
+			}
+		}
+
+		var allocatedCapacity int64
+		if status == directcsi.DriveStatusInUse {
+			allocatedCapacity = d.Status.AllocatedCapacity
+		}
+
+		drStatus := d.Status.DriveStatus
+
+		driveInfo := &models.DirectPVDriveInfo{
+			Drive:     dr,
+			Capacity:  d.Status.TotalCapacity,
+			Allocated: allocatedCapacity,
+			Node:      d.Status.NodeName,
+			Status:    string(drStatus),
+			Message:   msg,
+			Volumes:   int64(volumes),
+		}
+		res.Drives = append(res.Drives, driveInfo)
+	}
+
+	return res, nil
+}
+
+func getDirectPVDrivesListResponse(session *models.Principal) (*models.GetDirectPVDriveListResponse, *models.Error) {
+	ctx := context.Background()
+
+	driveInterface, err := cluster.DirectPVDriveInterface(session.STSSessionToken)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+
+	directPVDrvClient := &directPVDrivesClient{
+		client: driveInterface,
+	}
+
+	drives, err := getDirectPVDriveList(ctx, directPVDrvClient)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+	return drives, nil
+}
+
+// getDirectPVVolumesList returns directPV volumes
+func getDirectPVVolumesList(ctx context.Context, volumeInterface DirectPVVolumesClientI) (*models.GetDirectPVVolumeListResponse, error) {
+	volList, err := volumeInterface.List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+
+	driveName := func(val string) string {
+		dr := strings.ReplaceAll(val, sys.DirectCSIDevRoot+"/", "")
+		return strings.ReplaceAll(dr, sys.HostDevRoot+"/", "")
+	}
+
+	getLabelValue := func(obj metav1.Object, key string) string {
+		if labels := obj.GetLabels(); labels != nil {
+			return labels[key]
+		}
+		return ""
+	}
+
+	var volumes []*models.DirectPVVolumeInfo
+	for _, v := range volList.Items {
+		vol := &models.DirectPVVolumeInfo{
+			Volume:   v.Name,
+			Capacity: v.Status.TotalCapacity,
+			Drive:    driveName(getLabelValue(&v, string(utils.DrivePathLabelKey))),
+			Node:     v.Status.NodeName,
+		}
+
+		volumes = append(volumes, vol)
+	}
+
+	res := &models.GetDirectPVVolumeListResponse{
+		Volumes: volumes,
+	}
+	return res, nil
+}
+
+func getDirectPVVolumesListResponse(session *models.Principal) (*models.GetDirectPVVolumeListResponse, *models.Error) {
+	ctx := context.Background()
+
+	volumeInterface, err := cluster.DirectPVVolumeInterface(session.STSSessionToken)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+
+	directPVVolClient := &directPVVolumesClient{
+		client: volumeInterface,
+	}
+
+	volumes, err := getDirectPVVolumesList(ctx, directPVVolClient)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+	return volumes, nil
+}
+
+func formatDrives(ctx context.Context, driveInterface DirectPVDrivesClientI, drives []string, force bool) (*models.FormatDirectPVDrivesResponse, error) {
+	if len(drives) == 0 {
+		return nil, errors.New("at least one drive needs to be set")
+	}
+
+	driveList, err := driveInterface.List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+
+	driveName := func(val string) string {
+		dr := strings.ReplaceAll(val, sys.DirectCSIDevRoot+"/", "")
+		dr = strings.ReplaceAll(dr, sys.HostDevRoot+"/", "")
+		return strings.ReplaceAll(dr, sys.DirectCSIPartitionInfix, "")
+	}
+
+	drivesArray := map[string]string{}
+
+	for _, driveFromAPI := range drives {
+		drivesArray[driveFromAPI] = driveFromAPI
+	}
+
+	if len(driveList.Items) == 0 {
+		return nil, errors.New("no resources found globally")
+	}
+
+	var errorResponses []*models.PvFormatErrorResponse
+
+	for _, driveItem := range driveList.Items {
+		drName := "/dev/" + driveName(driveItem.Status.Path)
+		driveName := driveItem.Status.NodeName + ":" + drName
+
+		base := &models.PvFormatErrorResponse{
+			Node:  driveItem.Status.NodeName,
+			Drive: drName,
+			Error: "",
+		}
+
+		// Element is requested to be formatted
+		if _, ok := drivesArray[driveName]; ok {
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusUnavailable {
+				base.Error = "Status is unavailable"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusInUse {
+				base.Error = "Drive in use. Cannot be formatted"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusReady {
+				base.Error = "Drive already owned and managed."
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+			if driveItem.Status.Filesystem != "" && !force {
+				base.Error = "Drive already has a fs. Use force to overwrite"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			if driveItem.Status.DriveStatus == directcsi.DriveStatusReleased {
+				base.Error = "Drive is in 'released state'. Please wait until it becomes available"
+				errorResponses = append(errorResponses, base)
+				continue
+			}
+
+			// Validation passes, we request format
+			driveItem.Spec.DirectCSIOwned = true
+			driveItem.Spec.RequestedFormat = &directcsi.RequestedFormat{
+				Filesystem: XFS,
+				Force:      force,
+			}
+
+			_, err := driveInterface.Update(ctx, &driveItem, metav1.UpdateOptions{})
+			if err != nil {
+				base.Error = err.Error()
+				errorResponses = append(errorResponses, base)
+			}
+		}
+	}
+
+	returnErrors := &models.FormatDirectPVDrivesResponse{
+		FormatIssuesList: errorResponses,
+	}
+
+	return returnErrors, nil
+}
+
+func formatVolumesResponse(session *models.Principal, params operator_api.DirectPVFormatDriveParams) (*models.FormatDirectPVDrivesResponse, *models.Error) {
+	ctx := context.Background()
+
+	driveInterface, err := cluster.DirectPVDriveInterface(session.STSSessionToken)
+	if err != nil {
+		return nil, xerrors.ErrorWithContext(ctx, err)
+	}
+
+	directPVDrvClient := &directPVDrivesClient{
+		client: driveInterface,
+	}
+
+	formatResult, errFormat := formatDrives(ctx, directPVDrvClient, params.Body.Drives, *params.Body.Force)
+	if errFormat != nil {
+		return nil, xerrors.ErrorWithContext(ctx, errFormat)
+	}
+	return formatResult, nil
+}
--- a/operatorapi/directpv_client.go
+++ b/operatorapi/directpv_client.go
@@ -0,0 +1,73 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+
+	"github.com/minio/directpv/pkg/apis/direct.csi.min.io/v1beta4"
+	directPVClient "github.com/minio/directpv/pkg/client"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DirectPVDrivesClientI interface with all functions to be implemented
+// by mock when testing, it should include all DirectPVDrivesClientI respective api calls
+// that are used within this project.
+type DirectPVDrivesClientI interface {
+	List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+	Update(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts metav1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error)
+}
+
+// Interface implementation
+//
+// Define the structure of directpv drive client and define the functions that are actually used
+// from the minio operator / directpv interface.
+
+type directPVDrivesClient struct {
+	client *directPVClient.DirectCSIDriveInterface
+}
+
+// List implements the listing for DirectPV Drives List functionality
+func (dpd *directPVDrivesClient) List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpd.List(ctx, opts)
+}
+
+// Update implements the listing for DirectPV Drives Update functionality
+func (dpd *directPVDrivesClient) Update(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts metav1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpd.Update(ctx, driveItem, opts)
+}
+
+// DirectPVVolumesClientI interface with all functions to be implemented
+// by mock when testing, it should include all DirectPVVolumesClientI respective api calls
+// that are used within this project.
+type DirectPVVolumesClientI interface {
+	List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIVolumeList, error)
+}
+
+// Interface implementation
+//
+// Define the structure of directpv volumes client and define the functions that are actually used
+// from the minio operator / directpv interface.
+
+type directPVVolumesClient struct {
+	client *directPVClient.DirectCSIVolumeInterface
+}
+
+// List implements the listing for DirectPV Volumes List functionality
+func (dpv *directPVVolumesClient) List(ctx context.Context, opts metav1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+	return dpv.List(ctx, opts)
+}
--- a/operatorapi/directpv_test.go
+++ b/operatorapi/directpv_test.go
@@ -0,0 +1,410 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package operatorapi
+
+import (
+	"context"
+	"errors"
+	"testing"
+
+	"github.com/minio/directpv/pkg/apis/direct.csi.min.io/v1beta4"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+var (
+	dpdClientListMock   func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+	dpdClientUpdateMock func(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts v1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error)
+)
+
+// mock function for drives List()
+func (dpdm directPVDriveMock) List(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpdClientListMock(ctx, opts)
+}
+
+func (dpdm directPVDriveMock) Update(ctx context.Context, driveItem *v1beta4.DirectCSIDrive, opts v1.UpdateOptions) (*v1beta4.DirectCSIDriveList, error) {
+	return dpdClientUpdateMock(ctx, driveItem, opts)
+}
+
+var dpvClientListMock func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error)
+
+// mock function for volumes List()
+func (dpvm directPVVolumeMock) List(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+	return dpvClientListMock(ctx, opts)
+}
+
+// DirectPVDrivesList
+func Test_GetDirectPVDrives(t *testing.T) {
+	directPVDrvMock := directPVDriveMock{}
+
+	type args struct {
+		ctx  context.Context
+		opts v1.ListOptions
+	}
+	tests := []struct {
+		name           string
+		args           args
+		client         DirectPVDrivesClientI
+		mockListDrives func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+		wantErr        bool
+	}{
+		{
+			name: "Can List Drives correctly",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			client: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+		{
+			name: "Drives request from DirectPV failed",
+			args: args{
+				ctx: context.Background(),
+			},
+			client: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				return nil, errors.New("some error occurred")
+			},
+			wantErr: true,
+		},
+		{
+			name: "Drives request from DirectPV has information and doesn't return errors",
+			args: args{
+				ctx: context.Background(),
+			},
+			client: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{
+					{
+						Status: v1beta4.DirectCSIDriveStatus{
+							Path:              "/var/lib/direct-csi/devices/test-part-dev0-directcsi",
+							AllocatedCapacity: 0,
+							FreeCapacity:      4772382377372,
+							RootPartition:     "/",
+							PartitionNum:      0,
+							Filesystem:        "nfs",
+							Mountpoint:        "",
+							NodeName:          "test-dev0-directcsi",
+							DriveStatus:       v1beta4.DriveStatusReady,
+							ModelNumber:       "testModel",
+							SerialNumber:      "testSN",
+							TotalCapacity:     4772382377372,
+							PhysicalBlockSize: 1024,
+							LogicalBlockSize:  1024,
+							AccessTier:        "",
+							FilesystemUUID:    "",
+							PartitionUUID:     "",
+							MajorNumber:       0,
+							MinorNumber:       0,
+							UeventSerial:      "",
+							UeventFSUUID:      "",
+							WWID:              "",
+							Vendor:            "",
+							DMName:            "",
+							DMUUID:            "",
+							MDUUID:            "",
+							PartTableUUID:     "",
+							PartTableType:     "",
+							Virtual:           false,
+							ReadOnly:          false,
+							Partitioned:       false,
+							SwapOn:            false,
+							Master:            "",
+							OtherMountsInfo:   nil,
+							PCIPath:           "",
+							SerialNumberLong:  "",
+							Conditions: []v1.Condition{{
+								Type:               "",
+								Status:             "",
+								ObservedGeneration: 0,
+								LastTransitionTime: v1.Time{},
+								Reason:             "",
+								Message:            "",
+							}},
+						},
+					},
+					{
+						Status: v1beta4.DirectCSIDriveStatus{
+							Path:              "/var/lib/direct-csi/devices/test-part-dev1-directcsi",
+							AllocatedCapacity: 0,
+							FreeCapacity:      4772382377372,
+							RootPartition:     "/",
+							PartitionNum:      0,
+							Filesystem:        "nfs",
+							Mountpoint:        "",
+							NodeName:          "test-dev1-directcsi",
+							DriveStatus:       v1beta4.DriveStatus(v1beta4.DirectCSIDriveConditionOwned),
+							ModelNumber:       "testModel",
+							SerialNumber:      "testSN2",
+							TotalCapacity:     4772382377372,
+							PhysicalBlockSize: 1024,
+							LogicalBlockSize:  1024,
+							AccessTier:        "",
+							FilesystemUUID:    "",
+							PartitionUUID:     "",
+							MajorNumber:       0,
+							MinorNumber:       0,
+							UeventSerial:      "",
+							UeventFSUUID:      "",
+							WWID:              "",
+							Vendor:            "",
+							DMName:            "",
+							DMUUID:            "",
+							MDUUID:            "",
+							PartTableUUID:     "",
+							PartTableType:     "",
+							Virtual:           false,
+							ReadOnly:          false,
+							Partitioned:       false,
+							SwapOn:            false,
+							Master:            "",
+							OtherMountsInfo:   nil,
+							PCIPath:           "",
+							SerialNumberLong:  "",
+							Conditions:        nil,
+						},
+					},
+				}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			dpdClientListMock = tt.mockListDrives
+
+			_, err := getDirectPVDriveList(tt.args.ctx, tt.client)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getNamespaceCreated() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
+
+// DirectPVVolumesList
+func Test_GetDirectPVVolumes(t *testing.T) {
+	directPVVolMock := directPVVolumeMock{}
+
+	type args struct {
+		ctx  context.Context
+		opts v1.ListOptions
+	}
+	tests := []struct {
+		name            string
+		args            args
+		volumesClient   DirectPVVolumesClientI
+		mockListVolumes func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error)
+		wantErr         bool
+	}{
+		{
+			name: "Can List Volumes correctly",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			volumesClient: directPVVolMock,
+			mockListVolumes: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+				items := []v1beta4.DirectCSIVolume{}
+
+				returnList := v1beta4.DirectCSIVolumeList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+		{
+			name: "Drives request from DirectPV is ok but volumes request failed",
+			args: args{
+				ctx: context.Background(),
+			},
+			volumesClient: directPVVolMock,
+			mockListVolumes: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+				return nil, errors.New("some error occurred")
+			},
+			wantErr: true,
+		},
+		{
+			name: "Can List Volumes & Drives correctly without any issue",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			volumesClient: directPVVolMock,
+			mockListVolumes: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIVolumeList, error) {
+				items := []v1beta4.DirectCSIVolume{{
+					Status: v1beta4.DirectCSIVolumeStatus{
+						Drive:             "/var/lib/direct-csi/devices/test-part-dev1-directcsi",
+						NodeName:          "testNodeName",
+						HostPath:          "",
+						StagingPath:       "",
+						ContainerPath:     "",
+						TotalCapacity:     4772382377372,
+						AvailableCapacity: 4772382377372,
+						UsedCapacity:      0,
+						Conditions:        nil,
+					},
+				}}
+
+				returnList := v1beta4.DirectCSIVolumeList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			dpvClientListMock = tt.mockListVolumes
+
+			_, err := getDirectPVVolumesList(tt.args.ctx, tt.volumesClient)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getNamespaceCreated() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
+
+// FormatDrives
+func Test_GetDirectPVFormatDrives(t *testing.T) {
+	directPVDrvMock := directPVDriveMock{}
+
+	type args struct {
+		ctx  context.Context
+		opts v1.ListOptions
+	}
+	tests := []struct {
+		name           string
+		args           args
+		drivesClient   DirectPVDrivesClientI
+		mockListDrives func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error)
+		drives         []string
+		force          bool
+		wantErr        bool
+	}{
+		{
+			name: "Format doesn't crash on empty list & returns error",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			drivesClient: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			drives:  []string{},
+			force:   false,
+			wantErr: true,
+		},
+		{
+			name: "Can Format Selected drives",
+			args: args{
+				ctx:  context.Background(),
+				opts: v1.ListOptions{},
+			},
+			drivesClient: directPVDrvMock,
+			mockListDrives: func(ctx context.Context, opts v1.ListOptions) (*v1beta4.DirectCSIDriveList, error) {
+				items := []v1beta4.DirectCSIDrive{
+					{
+						Status: v1beta4.DirectCSIDriveStatus{
+							Path:              "/var/lib/direct-csi/devices/test-part-dev1-directcsi",
+							AllocatedCapacity: 0,
+							FreeCapacity:      4772382377372,
+							RootPartition:     "/",
+							PartitionNum:      0,
+							Filesystem:        "nfs",
+							Mountpoint:        "",
+							NodeName:          "test-dev1-directcsi",
+							DriveStatus:       v1beta4.DriveStatusAvailable,
+							ModelNumber:       "testModel",
+							SerialNumber:      "testSN2",
+							TotalCapacity:     4772382377372,
+							PhysicalBlockSize: 1024,
+							LogicalBlockSize:  1024,
+							AccessTier:        "",
+							FilesystemUUID:    "",
+							PartitionUUID:     "",
+							MajorNumber:       0,
+							MinorNumber:       0,
+							UeventSerial:      "",
+							UeventFSUUID:      "",
+							WWID:              "",
+							Vendor:            "",
+							DMName:            "",
+							DMUUID:            "",
+							MDUUID:            "",
+							PartTableUUID:     "",
+							PartTableType:     "",
+							Virtual:           false,
+							ReadOnly:          false,
+							Partitioned:       false,
+							SwapOn:            false,
+							Master:            "",
+							OtherMountsInfo:   nil,
+							PCIPath:           "",
+							SerialNumberLong:  "",
+							Conditions:        nil,
+						},
+					},
+				}
+
+				returnList := v1beta4.DirectCSIDriveList{
+					Items: items,
+				}
+
+				return &returnList, nil
+			},
+			drives:  []string{"test-dev1-directcsi:/dev/testdev1-directcsi"},
+			force:   false,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			dpdClientListMock = tt.mockListDrives
+
+			_, err := formatDrives(tt.args.ctx, tt.drivesClient, tt.drives, tt.force)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getNamespaceCreated() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
--- a/operatorapi/doc.go
+++ b/operatorapi/doc.go
@@ -18,18 +18,18 @@

 // Package operatorapi MinIO Console Server
 //
-//  Schemes:
-//    http
-//    ws
-//  Host: localhost
-//  BasePath: /api/v1
-//  Version: 0.1.0
+//	Schemes:
+//	  http
+//	  ws
+//	Host: localhost
+//	BasePath: /api/v1
+//	Version: 0.1.0
 //
-//  Consumes:
-//    - application/json
+//	Consumes:
+//	  - application/json
 //
-//  Produces:
-//    - application/json
+//	Produces:
+//	  - application/json
 //
 // swagger:meta
 package operatorapi
--- a/operatorapi/embedded_spec.go
+++ b/operatorapi/embedded_spec.go
--- a/operatorapi/login.go
+++ b/operatorapi/login.go
@@ -25,6 +25,7 @@ import (
 	xoauth2 "golang.org/x/oauth2"

 	"github.com/minio/minio-go/v7/pkg/credentials"
+	"github.com/minio/pkg/env"

 	"github.com/minio/console/restapi"

@@ -93,6 +94,15 @@ func login(credentials restapi.ConsoleCredentialsI) (*string, error) {
 	return &token, nil
 }

+// isKubernetes returns true if minio is running in kubernetes.
+func isKubernetes() bool {
+	// Kubernetes env used to validate if we are
+	// indeed running inside a kubernetes pod
+	// is KUBERNETES_SERVICE_HOST
+	// https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/kubelet_pods.go#L541
+	return env.Get("KUBERNETES_SERVICE_HOST", "") != ""
+}
+
 // getLoginDetailsResponse returns information regarding the Console authentication mechanism.
 func getLoginDetailsResponse(params authApi.LoginDetailParams) (*models.LoginDetails, *models.Error) {
 	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
@@ -101,23 +111,35 @@ func getLoginDetailsResponse(params authApi.LoginDetailParams) (*models.LoginDet
 	r := params.HTTPRequest

 	loginStrategy := models.LoginDetailsLoginStrategyServiceDashAccount
-	redirectURL := ""
+
+	var redirectRules []*models.RedirectRule

 	if oauth2.IsIDPEnabled() {
 		loginStrategy = models.LoginDetailsLoginStrategyRedirectDashServiceDashAccount
 		// initialize new oauth2 client
-		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient())
+		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient(""))
 		if err != nil {
 			return nil, restapi.ErrorWithContext(ctx, err)
 		}
 		// Validate user against IDP
-		identityProvider := &auth.IdentityProvider{Client: oauth2Client}
-		redirectURL = identityProvider.GenerateLoginURL()
+		identityProvider := &auth.IdentityProvider{
+			KeyFunc: oauth2.DefaultDerivedKey,
+			Client:  oauth2Client,
+		}
+
+		newRedirectRule := &models.RedirectRule{
+			Redirect:    identityProvider.GenerateLoginURL(),
+			DisplayName: "Login with SSO",
+		}
+
+		redirectRules = append(redirectRules, newRedirectRule)
 	}

 	loginDetails := &models.LoginDetails{
 		LoginStrategy: loginStrategy,
-		Redirect:      redirectURL,
+		RedirectRules: redirectRules,
+		IsDirectPV:    getDirectPVEnabled(),
+		IsK8S:         isKubernetes(),
 	}
 	return loginDetails, nil
 }
@@ -140,12 +162,15 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams) (*models.L

 	if oauth2.IsIDPEnabled() {
 		// initialize new oauth2 client
-		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient())
+		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient(""))
 		if err != nil {
 			return nil, restapi.ErrorWithContext(ctx, err)
 		}
 		// initialize new identity provider
-		identityProvider := auth.IdentityProvider{Client: oauth2Client}
+		identityProvider := auth.IdentityProvider{
+			KeyFunc: oauth2.DefaultDerivedKey,
+			Client:  oauth2Client,
+		}
 		// Validate user against IDP
 		_, err = verifyUserAgainstIDP(ctx, identityProvider, *lr.Code, *lr.State)
 		if err != nil {
--- a/operatorapi/marketplace_test.go
+++ b/operatorapi/marketplace_test.go
@@ -19,7 +19,9 @@ package operatorapi
 import (
 	"context"
 	"errors"
+	"fmt"
 	"net/http"
+	"net/http/httptest"
 	"os"
 	"testing"

@@ -34,6 +36,7 @@ import (

 var (
 	testWithError                = false
+	testServerWithError          = false
 	errMock                      = errors.New("mock error")
 	k8sClientGetConfigMapMock    func(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error)
 	k8sClientCreateConfigMapMock func(ctx context.Context, namespace string, cm *corev1.ConfigMap, opts metav1.CreateOptions) (*corev1.ConfigMap, error)
@@ -43,9 +46,10 @@ var (

 type MarketplaceTestSuite struct {
 	suite.Suite
-	assert    *assert.Assertions
-	kClient   k8sClientMock
-	namespace string
+	assert     *assert.Assertions
+	kClient    k8sClientMock
+	namespace  string
+	postServer *httptest.Server
 }

 func (c k8sClientMock) getConfigMap(ctx context.Context, namespace, configMap string, opts metav1.GetOptions) (*corev1.ConfigMap, error) {
@@ -72,6 +76,17 @@ func (suite *MarketplaceTestSuite) SetupSuite() {
 	k8sClientUpdateConfigMapMock = suite.updateConfigMapMock
 	k8sClientDeleteConfigMapMock = suite.deleteConfigMapMock
 	os.Setenv(mpConfigMapKey, "mp-mock-config")
+	suite.postServer = httptest.NewServer(http.HandlerFunc(suite.postHandler))
+}
+
+func (suite *MarketplaceTestSuite) postHandler(
+	w http.ResponseWriter, r *http.Request,
+) {
+	if testServerWithError {
+		w.WriteHeader(400)
+	} else {
+		fmt.Fprintf(w, `{"post": "Post response"}`)
+	}
 }

 func (suite *MarketplaceTestSuite) TearDownSuite() {
@@ -173,14 +188,26 @@ func (suite *MarketplaceTestSuite) TestSetMPIntegrationWithError() {
 	os.Unsetenv(mpHostEnvVar)
 }

-// TODO: Add mock server for testing microservice
-// func (suite *MarketplaceTestSuite) TestSetMPIntegrationNoError() {
-// 	testWithError = false
-// 	ctx, cancel := context.WithCancel(context.Background())
-// 	defer cancel()
-// 	err := setMPIntegration(ctx, "mock@mock.com", "token", &suite.kClient)
-// 	suite.assert.Nil(err)
-// }
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationNoError() {
+	testWithError = false
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, suite.postServer.URL)
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.Nil(err)
+	os.Unsetenv(mpHostEnvVar)
+}
+
+func (suite *MarketplaceTestSuite) TestSetMPIntegrationWithRequestError() {
+	testWithError = false
+	testServerWithError = true
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	os.Setenv(mpHostEnvVar, suite.postServer.URL)
+	err := setMPIntegration(ctx, "mock@mock.com", false, &suite.kClient)
+	suite.assert.NotNil(err)
+	os.Unsetenv(mpHostEnvVar)
+}

 func TestMarketplace(t *testing.T) {
 	suite.Run(t, new(MarketplaceTestSuite))
--- a/operatorapi/minio_operator_mock.go
+++ b/operatorapi/minio_operator_mock.go
@@ -22,8 +22,10 @@ import (
 )

 type (
-	opClientMock   struct{}
-	httpClientMock struct{}
+	opClientMock       struct{}
+	httpClientMock     struct{}
+	directPVDriveMock  struct{}
+	directPVVolumeMock struct{}
 )

 func createMockPVC(pvcMockName, pvcMockNamespace string) *v1.PersistentVolumeClaim {
--- a/operatorapi/operations/auth/login_detail.go
+++ b/operatorapi/operations/auth/login_detail.go
@@ -46,10 +46,10 @@ func NewLoginDetail(ctx *middleware.Context, handler LoginDetailHandler) *LoginD
 	return &LoginDetail{Context: ctx, Handler: handler}
 }

-/* LoginDetail swagger:route GET /login Auth loginDetail
+/*
+	LoginDetail swagger:route GET /login Auth loginDetail

 Returns login strategy, form or sso.
-
 */
 type LoginDetail struct {
 	Context *middleware.Context
--- a/operatorapi/operations/auth/login_detail_responses.go
+++ b/operatorapi/operations/auth/login_detail_responses.go
@@ -33,7 +33,8 @@ import (
 // LoginDetailOKCode is the HTTP code returned for type LoginDetailOK
 const LoginDetailOKCode int = 200

-/*LoginDetailOK A successful response.
+/*
+LoginDetailOK A successful response.

 swagger:response loginDetailOK
 */
@@ -74,7 +75,8 @@ func (o *LoginDetailOK) WriteResponse(rw http.ResponseWriter, producer runtime.P
 	}
 }

-/*LoginDetailDefault Generic error response.
+/*
+LoginDetailDefault Generic error response.

 swagger:response loginDetailDefault
 */
--- a/operatorapi/operations/auth/login_oauth2_auth.go
+++ b/operatorapi/operations/auth/login_oauth2_auth.go
@@ -46,10 +46,10 @@ func NewLoginOauth2Auth(ctx *middleware.Context, handler LoginOauth2AuthHandler)
 	return &LoginOauth2Auth{Context: ctx, Handler: handler}
 }

-/* LoginOauth2Auth swagger:route POST /login/oauth2/auth Auth loginOauth2Auth
+/*
+	LoginOauth2Auth swagger:route POST /login/oauth2/auth Auth loginOauth2Auth

 Identity Provider oauth2 callback endpoint.
-
 */
 type LoginOauth2Auth struct {
 	Context *middleware.Context
--- a/operatorapi/operations/auth/login_oauth2_auth_parameters.go
+++ b/operatorapi/operations/auth/login_oauth2_auth_parameters.go
@@ -23,7 +23,6 @@ package auth
 // Editing this file might prove futile when you re-run the swagger generate command

 import (
-	"context"
 	"io"
 	"net/http"

@@ -83,7 +82,7 @@ func (o *LoginOauth2AuthParams) BindRequest(r *http.Request, route *middleware.M
 				res = append(res, err)
 			}

-			ctx := validate.WithOperationRequest(context.Background())
+			ctx := validate.WithOperationRequest(r.Context())
 			if err := body.ContextValidate(ctx, route.Formats); err != nil {
 				res = append(res, err)
 			}
--- a/operatorapi/operations/auth/login_oauth2_auth_responses.go
+++ b/operatorapi/operations/auth/login_oauth2_auth_responses.go
@@ -33,7 +33,8 @@ import (
 // LoginOauth2AuthNoContentCode is the HTTP code returned for type LoginOauth2AuthNoContent
 const LoginOauth2AuthNoContentCode int = 204

-/*LoginOauth2AuthNoContent A successful login.
+/*
+LoginOauth2AuthNoContent A successful login.

 swagger:response loginOauth2AuthNoContent
 */
@@ -54,7 +55,8 @@ func (o *LoginOauth2AuthNoContent) WriteResponse(rw http.ResponseWriter, produce
 	rw.WriteHeader(204)
 }

-/*LoginOauth2AuthDefault Generic error response.
+/*
+LoginOauth2AuthDefault Generic error response.

 swagger:response loginOauth2AuthDefault
 */
--- a/Show More
+++ b/Show More