Release v0.22.2 (#2495)

Signed-off-by: Daniel Valdivia
<18384552+dvaldivia@users.noreply.github.com>

.golangci.yml

@@ -14,24 +14,19 @@ linters-settings:
 linters:
   disable-all: true
   enable:
-    - typecheck
     - goimports
     - misspell
     - govet
     - revive
     - ineffassign
     - gosimple
-    - deadcode
-    - structcheck
     - gomodguard
     - gofmt
     - unused
-    - structcheck
     - unconvert
     - varcheck
     - gocritic
     - gofumpt
-    - tenv
     - durationcheck
 
 service:
@@ -51,4 +46,4 @@ run:
   skip-dirs:
     - pkg/clientgen
     - pkg/apis/networking.gke.io
-    - restapi/operations
+    - restapi/operations

.goreleaser.yml

@@ -13,7 +13,7 @@ release:
 before:
   hooks:
     # you may remove this if you don't use vgo
-    - go mod tidy -compat=1.17
+    - go mod tidy -compat=1.18
 
 builds:
   -

README.md

@@ -54,7 +54,7 @@ docker pull minio/console
 
 ### Build from source
 > You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
-> Minimum version required is go1.17
+> Minimum version required is go1.18
 
 ```
 go install github.com/minio/console/cmd/console@latest

go.mod

@@ -1,121 +1,128 @@
 module github.com/minio/console
 
-go 1.17
+go 1.18
 
 require (
 	github.com/blang/semver/v4 v4.0.0
-	github.com/cheggaaa/pb/v3 v3.0.8
+	github.com/cheggaaa/pb/v3 v3.1.0
 	github.com/dustin/go-humanize v1.0.0
 	github.com/fatih/color v1.13.0
-	github.com/go-openapi/errors v0.20.2
-	github.com/go-openapi/loads v0.21.1
-	github.com/go-openapi/runtime v0.23.3
-	github.com/go-openapi/spec v0.20.5
-	github.com/go-openapi/strfmt v0.21.2
-	github.com/go-openapi/swag v0.21.1
-	github.com/go-openapi/validate v0.21.0
-	github.com/golang-jwt/jwt/v4 v4.4.1
+	github.com/go-openapi/errors v0.20.3
+	github.com/go-openapi/loads v0.21.2
+	github.com/go-openapi/runtime v0.24.2
+	github.com/go-openapi/spec v0.20.7
+	github.com/go-openapi/strfmt v0.21.3
+	github.com/go-openapi/swag v0.22.3
+	github.com/go-openapi/validate v0.22.0
+	github.com/golang-jwt/jwt/v4 v4.4.2
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/websocket v1.5.0
 	github.com/jessevdk/go-flags v1.5.0
-	github.com/klauspost/compress v1.15.9
-	github.com/minio/cli v1.23.0
+	github.com/klauspost/compress v1.15.12
+	github.com/minio/cli v1.24.0
 	github.com/minio/directpv v1.4.4-0.20220805090942-948ca4731651
 	github.com/minio/highwayhash v1.0.2
-	github.com/minio/kes v0.19.2
-	github.com/minio/madmin-go v1.4.26
-	github.com/minio/mc v0.0.0-20220818165341-8c239d16aa37
-	github.com/minio/minio-go/v7 v7.0.35
+	github.com/minio/kes v0.22.0
+	github.com/minio/madmin-go/v2 v2.0.0
+	github.com/minio/mc v0.0.0-20221201184114-854b4f123f03
+	github.com/minio/minio-go/v7 v7.0.44
 	github.com/minio/operator v0.0.0-20220902184351-21e4073132b0
-	github.com/minio/pkg v1.4.0
+	github.com/minio/pkg v1.5.5
 	github.com/minio/selfupdate v0.5.0
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/rs/xid v1.4.0
 	github.com/secure-io/sio-go v0.3.1
-	github.com/stretchr/testify v1.8.0
-	github.com/tidwall/gjson v1.14.2
-	github.com/unrolled/secure v1.10.0
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
-	golang.org/x/net v0.0.0-20220722155237-a158d28d115b
-	golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5
+	github.com/stretchr/testify v1.8.1
+	github.com/tidwall/gjson v1.14.3
+	github.com/unrolled/secure v1.13.0
+	golang.org/x/crypto v0.3.0
+	golang.org/x/net v0.2.0
+	golang.org/x/oauth2 v0.2.0
+	// Added to include security fix for
+	// https://github.com/golang/go/issues/56152
+	golang.org/x/text v0.4.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.24.3
-	k8s.io/apimachinery v0.24.3
-	k8s.io/client-go v0.24.3
-	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9
+	k8s.io/api v0.25.4
+	k8s.io/apimachinery v0.25.4
+	k8s.io/client-go v0.25.4
+	k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2
 )
 
 require (
-	cloud.google.com/go v0.99.0 // indirect
+	aead.dev/mem v0.2.0 // indirect
+	cloud.google.com/go/compute v1.7.0 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.18 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect
+	github.com/Azure/go-autorest/autorest v0.11.27 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect
 	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
 	github.com/Azure/go-autorest/logger v0.2.1 // indirect
 	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
 	github.com/VividCortex/ewma v1.2.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
+	github.com/aymanbagabas/go-osc52 v1.2.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
-	github.com/charmbracelet/bubbles v0.10.3 // indirect
-	github.com/charmbracelet/bubbletea v0.20.0 // indirect
-	github.com/charmbracelet/lipgloss v0.5.0 // indirect
+	github.com/charmbracelet/bubbles v0.14.0 // indirect
+	github.com/charmbracelet/bubbletea v0.22.1 // indirect
+	github.com/charmbracelet/lipgloss v0.6.0 // indirect
 	github.com/cheggaaa/pb v1.0.29 // indirect
 	github.com/containerd/console v1.0.3 // indirect
 	github.com/coreos/go-semver v0.3.0 // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/coreos/go-systemd/v22 v22.4.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
 	github.com/emicklei/go-restful/v3 v3.8.0 // indirect
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
 	github.com/fatih/structs v1.1.0 // indirect
-	github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect
 	github.com/fsnotify/fsnotify v1.5.1 // indirect
 	github.com/gdamore/encoding v1.0.0 // indirect
-	github.com/gdamore/tcell/v2 v2.4.1-0.20210905002822-f057f0a857a1 // indirect
-	github.com/go-logr/logr v1.2.2 // indirect
+	github.com/gdamore/tcell/v2 v2.5.3 // indirect
+	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/go-openapi/analysis v0.21.2 // indirect
+	github.com/go-openapi/analysis v0.21.4 // indirect
 	github.com/go-openapi/jsonpointer v0.19.5 // indirect
 	github.com/go-openapi/jsonreference v0.20.0 // indirect
-	github.com/go-stack/stack v1.8.1 // indirect
-	github.com/goccy/go-json v0.9.4 // indirect
+	github.com/goccy/go-json v0.9.11 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/gnostic v0.5.7-v3refs // indirect
-	github.com/google/go-cmp v0.5.8 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/imdario/mergo v0.3.12 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/jedib0t/go-pretty/v6 v6.3.8 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.1.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.1 // indirect
+	github.com/kr/pretty v0.2.1 // indirect
 	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
-	github.com/lestrrat-go/httpcc v1.0.0 // indirect
-	github.com/lestrrat-go/iter v1.0.1 // indirect
-	github.com/lestrrat-go/jwx v1.2.19 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.1 // indirect
+	github.com/lestrrat-go/httpcc v1.0.1 // indirect
+	github.com/lestrrat-go/iter v1.0.2 // indirect
+	github.com/lestrrat-go/jwx v1.2.25 // indirect
 	github.com/lestrrat-go/option v1.0.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
-	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20220913051719-115f729f3c8c // indirect
 	github.com/magiconair/properties v1.8.5 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/mattn/go-colorable v0.1.12 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-ieproxy v0.0.1 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
-	github.com/mattn/go-runewidth v0.0.13 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/mattn/go-isatty v0.0.16 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.14 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
 	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
 	github.com/miekg/dns v1.1.48 // indirect
-	github.com/minio/colorjson v1.0.2 // indirect
+	github.com/minio/colorjson v1.0.4 // indirect
 	github.com/minio/filepath v1.0.0 // indirect
+	github.com/minio/madmin-go v1.7.5 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
 	github.com/minio/sha256-simd v1.0.0 // indirect
 	github.com/mitchellh/mapstructure v1.4.3 // indirect
@@ -123,28 +130,29 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/montanaflynn/stats v0.6.6 // indirect
 	github.com/muesli/ansi v0.0.0-20211031195517-c9f0611b6c70 // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
-	github.com/muesli/termenv v0.11.1-0.20220212125758-44cd13922739 // indirect
+	github.com/muesli/termenv v0.13.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
-	github.com/navidys/tvxwidgets v0.1.0 // indirect
+	github.com/navidys/tvxwidgets v0.1.1 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
 	github.com/philhofer/fwd v1.1.2-0.20210722190033-5c56ac6d0bb9 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pkg/xattr v0.4.5 // indirect
+	github.com/pkg/xattr v0.4.9 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/posener/complete v1.2.3 // indirect
 	github.com/power-devops/perfstat v0.0.0-20220216144756-c35f1ee13d7c // indirect
-	github.com/prometheus/client_golang v1.12.2 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.33.0 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
-	github.com/prometheus/prom2json v1.3.1 // indirect
-	github.com/rivo/tview v0.0.0-20220216162559-96063d6082f3 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/prometheus/client_golang v1.13.0 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/prometheus/prom2json v1.3.2 // indirect
+	github.com/rivo/tview v0.0.0-20220916081518-2e69b7385a37 // indirect
+	github.com/rivo/uniseg v0.4.2 // indirect
 	github.com/rjeczalik/notify v0.9.2 // indirect
-	github.com/shirou/gopsutil/v3 v3.22.7 // indirect
+	github.com/shirou/gopsutil/v3 v3.22.9 // indirect
 	github.com/sirupsen/logrus v1.9.0 // indirect
 	github.com/spf13/afero v1.6.0 // indirect
 	github.com/spf13/cast v1.4.1 // indirect
@@ -153,40 +161,37 @@ require (
 	github.com/spf13/viper v1.10.0 // indirect
 	github.com/subosito/gotenv v1.2.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
-	github.com/tidwall/pretty v1.2.0 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tinylib/msgp v1.1.7-0.20211026165309-e818a1881b0e // indirect
-	github.com/tklauser/go-sysconf v0.3.10 // indirect
-	github.com/tklauser/numcpus v0.4.0 // indirect
+	github.com/tklauser/go-sysconf v0.3.11 // indirect
+	github.com/tklauser/numcpus v0.6.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	go.etcd.io/etcd/api/v3 v3.5.2 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.5.2 // indirect
-	go.etcd.io/etcd/client/v3 v3.5.2 // indirect
-	go.mongodb.org/mongo-driver v1.9.1 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.5 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.5 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.5 // indirect
+	go.mongodb.org/mongo-driver v1.10.0 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
 	go.uber.org/multierr v1.8.0 // indirect
-	go.uber.org/zap v1.21.0 // indirect
-	golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
-	golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect
-	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	go.uber.org/zap v1.23.0 // indirect
+	golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
+	golang.org/x/sync v0.1.0 // indirect
+	golang.org/x/sys v0.2.0 // indirect
+	golang.org/x/term v0.2.0 // indirect
 	golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
-	golang.org/x/tools v0.1.10 // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	golang.org/x/tools v0.1.12 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20220302033224-9aa15565e42a // indirect
-	google.golang.org/grpc v1.44.0 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
-	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	google.golang.org/genproto v0.0.0-20221018160656-63c7b68cfc55 // indirect
+	google.golang.org/grpc v1.50.1 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/ini.v1 v1.66.6 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/apiextensions-apiserver v0.24.3 // indirect
-	k8s.io/klog/v2 v2.60.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
 	sigs.k8s.io/controller-runtime v0.11.1 // indirect
-	sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
+	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )

integration/login_test.go

@@ -116,8 +116,8 @@ func TestLogout(t *testing.T) {
 		log.Println("authentication token not found in cookies response")
 		return
 	}
-
-	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", requestDataBody)
+	logoutRequest := bytes.NewReader([]byte("{}"))
+	request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", logoutRequest)
 	if err != nil {
 		log.Println(err)
 		return
@@ -126,7 +126,6 @@ func TestLogout(t *testing.T) {
 	request.Header.Add("Content-Type", "application/json")
 
 	response, err = client.Do(request)
-
 	assert.NotNil(response, "Logout response is nil")
 	assert.Nil(err, "Logout errored out")
 	assert.Equal(response.StatusCode, 200)

k8s/metrics-dev.yaml

@@ -149,5 +149,5 @@ spec:
             - name: tmp-dir
               mountPath: /tmp
       nodeSelector:
-        beta.kubernetes.io/os: linux
+        kubernetes.io/os: linux
         kubernetes.io/arch: "amd64"

k8s/operator-console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: 'minio/console:v0.20.5'
+          image: 'minio/console:v0.22.2'
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_OPERATOR_MODE

k8s/operator-console/standalone/console-deployment.yaml

@@ -32,7 +32,7 @@ spec:
     spec:
       containers:
         - name: console
-          image: 'minio/console:v0.20.5'
+          image: 'minio/console:v0.22.2'
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_MINIO_SERVER

models/admin_info_response.go

@@ -24,11 +24,13 @@ package models
 
 import (
 	"context"
+	"encoding/json"
 	"strconv"
 
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
 )
 
 // AdminInfoResponse admin info response
@@ -36,15 +38,19 @@ import (
 // swagger:model adminInfoResponse
 type AdminInfoResponse struct {
 
+	// advanced metrics status
+	// Enum: [not configured available unavailable]
+	AdvancedMetricsStatus string `json:"advancedMetricsStatus,omitempty"`
+
+	// backend
+	Backend *BackendProperties `json:"backend,omitempty"`
+
 	// buckets
 	Buckets int64 `json:"buckets,omitempty"`
 
 	// objects
 	Objects int64 `json:"objects,omitempty"`
 
-	// prometheus not ready
-	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
-
 	// servers
 	Servers []*ServerProperties `json:"servers"`
 
@@ -59,6 +65,14 @@ type AdminInfoResponse struct {
 func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.validateAdvancedMetricsStatus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateBackend(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateServers(formats); err != nil {
 		res = append(res, err)
 	}
@@ -73,6 +87,70 @@ func (m *AdminInfoResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
+var adminInfoResponseTypeAdvancedMetricsStatusPropEnum []interface{}
+
+func init() {
+	var res []string
+	if err := json.Unmarshal([]byte(`["not configured","available","unavailable"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		adminInfoResponseTypeAdvancedMetricsStatusPropEnum = append(adminInfoResponseTypeAdvancedMetricsStatusPropEnum, v)
+	}
+}
+
+const (
+
+	// AdminInfoResponseAdvancedMetricsStatusNotConfigured captures enum value "not configured"
+	AdminInfoResponseAdvancedMetricsStatusNotConfigured string = "not configured"
+
+	// AdminInfoResponseAdvancedMetricsStatusAvailable captures enum value "available"
+	AdminInfoResponseAdvancedMetricsStatusAvailable string = "available"
+
+	// AdminInfoResponseAdvancedMetricsStatusUnavailable captures enum value "unavailable"
+	AdminInfoResponseAdvancedMetricsStatusUnavailable string = "unavailable"
+)
+
+// prop value enum
+func (m *AdminInfoResponse) validateAdvancedMetricsStatusEnum(path, location string, value string) error {
+	if err := validate.EnumCase(path, location, value, adminInfoResponseTypeAdvancedMetricsStatusPropEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (m *AdminInfoResponse) validateAdvancedMetricsStatus(formats strfmt.Registry) error {
+	if swag.IsZero(m.AdvancedMetricsStatus) { // not required
+		return nil
+	}
+
+	// value enum
+	if err := m.validateAdvancedMetricsStatusEnum("advancedMetricsStatus", "body", m.AdvancedMetricsStatus); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AdminInfoResponse) validateBackend(formats strfmt.Registry) error {
+	if swag.IsZero(m.Backend) { // not required
+		return nil
+	}
+
+	if m.Backend != nil {
+		if err := m.Backend.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("backend")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("backend")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) validateServers(formats strfmt.Registry) error {
 	if swag.IsZero(m.Servers) { // not required
 		return nil
@@ -129,6 +207,10 @@ func (m *AdminInfoResponse) validateWidgets(formats strfmt.Registry) error {
 func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 
+	if err := m.contextValidateBackend(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateServers(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -143,6 +225,22 @@ func (m *AdminInfoResponse) ContextValidate(ctx context.Context, formats strfmt.
 	return nil
 }
 
+func (m *AdminInfoResponse) contextValidateBackend(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Backend != nil {
+		if err := m.Backend.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("backend")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("backend")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *AdminInfoResponse) contextValidateServers(ctx context.Context, formats strfmt.Registry) error {
 
 	for i := 0; i < len(m.Servers); i++ {

models/backend_properties.go

@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// BackendProperties backend properties
+//
+// swagger:model BackendProperties
+type BackendProperties struct {
+
+	// backend type
+	BackendType string `json:"backendType,omitempty"`
+
+	// rr s c parity
+	RrSCParity int64 `json:"rrSCParity,omitempty"`
+
+	// standard s c parity
+	StandardSCParity int64 `json:"standardSCParity,omitempty"`
+}
+
+// Validate validates this backend properties
+func (m *BackendProperties) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this backend properties based on context it is used
+func (m *BackendProperties) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *BackendProperties) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *BackendProperties) UnmarshalBinary(b []byte) error {
+	var res BackendProperties
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/encryption_configuration.go

@@ -42,9 +42,6 @@ type EncryptionConfiguration struct {
 	// azure
 	Azure *AzureConfiguration `json:"azure,omitempty"`
 
-	// client
-	Client *KeyPairConfiguration `json:"client,omitempty"`
-
 	// gcp
 	Gcp *GcpConfiguration `json:"gcp,omitempty"`
 
@@ -54,6 +51,15 @@ type EncryptionConfiguration struct {
 	// image
 	Image string `json:"image,omitempty"`
 
+	// kms mtls
+	KmsMtls *EncryptionConfigurationAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+	// minio mtls
+	MinioMtls *KeyPairConfiguration `json:"minio_mtls,omitempty"`
+
+	// raw
+	Raw string `json:"raw,omitempty"`
+
 	// replicas
 	Replicas string `json:"replicas,omitempty"`
 
@@ -63,8 +69,8 @@ type EncryptionConfiguration struct {
 	// security context
 	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 
-	// server
-	Server *KeyPairConfiguration `json:"server,omitempty"`
+	// server tls
+	ServerTLS *KeyPairConfiguration `json:"server_tls,omitempty"`
 
 	// vault
 	Vault *VaultConfiguration `json:"vault,omitempty"`
@@ -85,21 +91,25 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
 
 		Azure *AzureConfiguration `json:"azure,omitempty"`
 
-		Client *KeyPairConfiguration `json:"client,omitempty"`
-
 		Gcp *GcpConfiguration `json:"gcp,omitempty"`
 
 		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
 
 		Image string `json:"image,omitempty"`
 
+		KmsMtls *EncryptionConfigurationAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *KeyPairConfiguration `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`
+
 		Replicas string `json:"replicas,omitempty"`
 
 		SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
 
 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 
-		Server *KeyPairConfiguration `json:"server,omitempty"`
+		ServerTLS *KeyPairConfiguration `json:"server_tls,omitempty"`
 
 		Vault *VaultConfiguration `json:"vault,omitempty"`
 	}
@@ -111,21 +121,25 @@ func (m *EncryptionConfiguration) UnmarshalJSON(raw []byte) error {
 
 	m.Azure = dataAO1.Azure
 
-	m.Client = dataAO1.Client
-
 	m.Gcp = dataAO1.Gcp
 
 	m.Gemalto = dataAO1.Gemalto
 
 	m.Image = dataAO1.Image
 
+	m.KmsMtls = dataAO1.KmsMtls
+
+	m.MinioMtls = dataAO1.MinioMtls
+
+	m.Raw = dataAO1.Raw
+
 	m.Replicas = dataAO1.Replicas
 
 	m.SecretsToBeDeleted = dataAO1.SecretsToBeDeleted
 
 	m.SecurityContext = dataAO1.SecurityContext
 
-	m.Server = dataAO1.Server
+	m.ServerTLS = dataAO1.ServerTLS
 
 	m.Vault = dataAO1.Vault
 
@@ -146,21 +160,25 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
 
 		Azure *AzureConfiguration `json:"azure,omitempty"`
 
-		Client *KeyPairConfiguration `json:"client,omitempty"`
-
 		Gcp *GcpConfiguration `json:"gcp,omitempty"`
 
 		Gemalto *GemaltoConfiguration `json:"gemalto,omitempty"`
 
 		Image string `json:"image,omitempty"`
 
+		KmsMtls *EncryptionConfigurationAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *KeyPairConfiguration `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`
+
 		Replicas string `json:"replicas,omitempty"`
 
 		SecretsToBeDeleted []string `json:"secretsToBeDeleted"`
 
 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 
-		Server *KeyPairConfiguration `json:"server,omitempty"`
+		ServerTLS *KeyPairConfiguration `json:"server_tls,omitempty"`
 
 		Vault *VaultConfiguration `json:"vault,omitempty"`
 	}
@@ -169,21 +187,25 @@ func (m EncryptionConfiguration) MarshalJSON() ([]byte, error) {
 
 	dataAO1.Azure = m.Azure
 
-	dataAO1.Client = m.Client
-
 	dataAO1.Gcp = m.Gcp
 
 	dataAO1.Gemalto = m.Gemalto
 
 	dataAO1.Image = m.Image
 
+	dataAO1.KmsMtls = m.KmsMtls
+
+	dataAO1.MinioMtls = m.MinioMtls
+
+	dataAO1.Raw = m.Raw
+
 	dataAO1.Replicas = m.Replicas
 
 	dataAO1.SecretsToBeDeleted = m.SecretsToBeDeleted
 
 	dataAO1.SecurityContext = m.SecurityContext
 
-	dataAO1.Server = m.Server
+	dataAO1.ServerTLS = m.ServerTLS
 
 	dataAO1.Vault = m.Vault
 
@@ -212,10 +234,6 @@ func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
-	if err := m.validateClient(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateGcp(formats); err != nil {
 		res = append(res, err)
 	}
@@ -224,11 +242,19 @@ func (m *EncryptionConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateKmsMtls(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinioMtls(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.validateSecurityContext(formats); err != nil {
 		res = append(res, err)
 	}
 
-	if err := m.validateServer(formats); err != nil {
+	if err := m.validateServerTLS(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -282,26 +308,6 @@ func (m *EncryptionConfiguration) validateAzure(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *EncryptionConfiguration) validateClient(formats strfmt.Registry) error {
-
-	if swag.IsZero(m.Client) { // not required
-		return nil
-	}
-
-	if m.Client != nil {
-		if err := m.Client.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("client")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("client")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *EncryptionConfiguration) validateGcp(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.Gcp) { // not required
@@ -342,6 +348,46 @@ func (m *EncryptionConfiguration) validateGemalto(formats strfmt.Registry) error
 	return nil
 }
 
+func (m *EncryptionConfiguration) validateKmsMtls(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.KmsMtls) { // not required
+		return nil
+	}
+
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) validateMinioMtls(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.MinioMtls) { // not required
+		return nil
+	}
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *EncryptionConfiguration) validateSecurityContext(formats strfmt.Registry) error {
 
 	if swag.IsZero(m.SecurityContext) { // not required
@@ -362,18 +408,18 @@ func (m *EncryptionConfiguration) validateSecurityContext(formats strfmt.Registr
 	return nil
 }
 
-func (m *EncryptionConfiguration) validateServer(formats strfmt.Registry) error {
+func (m *EncryptionConfiguration) validateServerTLS(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.Server) { // not required
+	if swag.IsZero(m.ServerTLS) { // not required
 		return nil
 	}
 
-	if m.Server != nil {
-		if err := m.Server.Validate(formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -419,10 +465,6 @@ func (m *EncryptionConfiguration) ContextValidate(ctx context.Context, formats s
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateClient(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.contextValidateGcp(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@@ -431,11 +473,19 @@ func (m *EncryptionConfiguration) ContextValidate(ctx context.Context, formats s
 		res = append(res, err)
 	}
 
+	if err := m.contextValidateKmsMtls(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMinioMtls(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
 	if err := m.contextValidateSecurityContext(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateServer(ctx, formats); err != nil {
+	if err := m.contextValidateServerTLS(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -481,22 +531,6 @@ func (m *EncryptionConfiguration) contextValidateAzure(ctx context.Context, form
 	return nil
 }
 
-func (m *EncryptionConfiguration) contextValidateClient(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Client != nil {
-		if err := m.Client.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("client")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("client")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 func (m *EncryptionConfiguration) contextValidateGcp(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.Gcp != nil {
@@ -529,6 +563,38 @@ func (m *EncryptionConfiguration) contextValidateGemalto(ctx context.Context, fo
 	return nil
 }
 
+func (m *EncryptionConfiguration) contextValidateKmsMtls(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfiguration) contextValidateMinioMtls(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (m *EncryptionConfiguration) contextValidateSecurityContext(ctx context.Context, formats strfmt.Registry) error {
 
 	if m.SecurityContext != nil {
@@ -545,14 +611,14 @@ func (m *EncryptionConfiguration) contextValidateSecurityContext(ctx context.Con
 	return nil
 }
 
-func (m *EncryptionConfiguration) contextValidateServer(ctx context.Context, formats strfmt.Registry) error {
+func (m *EncryptionConfiguration) contextValidateServerTLS(ctx context.Context, formats strfmt.Registry) error {
 
-	if m.Server != nil {
-		if err := m.Server.ContextValidate(ctx, formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -594,3 +660,46 @@ func (m *EncryptionConfiguration) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// EncryptionConfigurationAO1KmsMtls encryption configuration a o1 kms mtls
+//
+// swagger:model EncryptionConfigurationAO1KmsMtls
+type EncryptionConfigurationAO1KmsMtls struct {
+
+	// ca
+	Ca string `json:"ca,omitempty"`
+
+	// crt
+	Crt string `json:"crt,omitempty"`
+
+	// key
+	Key string `json:"key,omitempty"`
+}
+
+// Validate validates this encryption configuration a o1 kms mtls
+func (m *EncryptionConfigurationAO1KmsMtls) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this encryption configuration a o1 kms mtls based on context it is used
+func (m *EncryptionConfigurationAO1KmsMtls) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *EncryptionConfigurationAO1KmsMtls) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *EncryptionConfigurationAO1KmsMtls) UnmarshalBinary(b []byte) error {
+	var res EncryptionConfigurationAO1KmsMtls
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/encryption_configuration_response.go

@@ -51,8 +51,14 @@ type EncryptionConfigurationResponse struct {
 	// image
 	Image string `json:"image,omitempty"`
 
-	// mtls client
-	MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
+	// kms mtls
+	KmsMtls *EncryptionConfigurationResponseAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+	// minio mtls
+	MinioMtls *CertificateInfo `json:"minio_mtls,omitempty"`
+
+	// raw
+	Raw string `json:"raw,omitempty"`
 
 	// replicas
 	Replicas string `json:"replicas,omitempty"`
@@ -60,8 +66,8 @@ type EncryptionConfigurationResponse struct {
 	// security context
 	SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 
-	// server
-	Server *CertificateInfo `json:"server,omitempty"`
+	// server tls
+	ServerTLS *CertificateInfo `json:"server_tls,omitempty"`
 
 	// vault
 	Vault *VaultConfigurationResponse `json:"vault,omitempty"`
@@ -88,13 +94,17 @@ func (m *EncryptionConfigurationResponse) UnmarshalJSON(raw []byte) error {
 
 		Image string `json:"image,omitempty"`
 
-		MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
+		KmsMtls *EncryptionConfigurationResponseAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *CertificateInfo `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`
 
 		Replicas string `json:"replicas,omitempty"`
 
 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 
-		Server *CertificateInfo `json:"server,omitempty"`
+		ServerTLS *CertificateInfo `json:"server_tls,omitempty"`
 
 		Vault *VaultConfigurationResponse `json:"vault,omitempty"`
 	}
@@ -112,13 +122,17 @@ func (m *EncryptionConfigurationResponse) UnmarshalJSON(raw []byte) error {
 
 	m.Image = dataAO1.Image
 
-	m.MtlsClient = dataAO1.MtlsClient
+	m.KmsMtls = dataAO1.KmsMtls
+
+	m.MinioMtls = dataAO1.MinioMtls
+
+	m.Raw = dataAO1.Raw
 
 	m.Replicas = dataAO1.Replicas
 
 	m.SecurityContext = dataAO1.SecurityContext
 
-	m.Server = dataAO1.Server
+	m.ServerTLS = dataAO1.ServerTLS
 
 	m.Vault = dataAO1.Vault
 
@@ -145,13 +159,17 @@ func (m EncryptionConfigurationResponse) MarshalJSON() ([]byte, error) {
 
 		Image string `json:"image,omitempty"`
 
-		MtlsClient *CertificateInfo `json:"mtls_client,omitempty"`
+		KmsMtls *EncryptionConfigurationResponseAO1KmsMtls `json:"kms_mtls,omitempty"`
+
+		MinioMtls *CertificateInfo `json:"minio_mtls,omitempty"`
+
+		Raw string `json:"raw,omitempty"`
 
 		Replicas string `json:"replicas,omitempty"`
 
 		SecurityContext *SecurityContext `json:"securityContext,omitempty"`
 
-		Server *CertificateInfo `json:"server,omitempty"`
+		ServerTLS *CertificateInfo `json:"server_tls,omitempty"`
 
 		Vault *VaultConfigurationResponse `json:"vault,omitempty"`
 	}
@@ -166,13 +184,17 @@ func (m EncryptionConfigurationResponse) MarshalJSON() ([]byte, error) {
 
 	dataAO1.Image = m.Image
 
-	dataAO1.MtlsClient = m.MtlsClient
+	dataAO1.KmsMtls = m.KmsMtls
+
+	dataAO1.MinioMtls = m.MinioMtls
+
+	dataAO1.Raw = m.Raw
 
 	dataAO1.Replicas = m.Replicas
 
 	dataAO1.SecurityContext = m.SecurityContext
 
-	dataAO1.Server = m.Server
+	dataAO1.ServerTLS = m.ServerTLS
 
 	dataAO1.Vault = m.Vault
 
@@ -209,7 +231,11 @@ func (m *EncryptionConfigurationResponse) Validate(formats strfmt.Registry) erro
 		res = append(res, err)
 	}
 
-	if err := m.validateMtlsClient(formats); err != nil {
+	if err := m.validateKmsMtls(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateMinioMtls(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -217,7 +243,7 @@ func (m *EncryptionConfigurationResponse) Validate(formats strfmt.Registry) erro
 		res = append(res, err)
 	}
 
-	if err := m.validateServer(formats); err != nil {
+	if err := m.validateServerTLS(formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -311,18 +337,38 @@ func (m *EncryptionConfigurationResponse) validateGemalto(formats strfmt.Registr
 	return nil
 }
 
-func (m *EncryptionConfigurationResponse) validateMtlsClient(formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) validateKmsMtls(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.MtlsClient) { // not required
+	if swag.IsZero(m.KmsMtls) { // not required
 		return nil
 	}
 
-	if m.MtlsClient != nil {
-		if err := m.MtlsClient.Validate(formats); err != nil {
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("mtls_client")
+				return ve.ValidateName("kms_mtls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("mtls_client")
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponse) validateMinioMtls(formats strfmt.Registry) error {
+
+	if swag.IsZero(m.MinioMtls) { // not required
+		return nil
+	}
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
 			}
 			return err
 		}
@@ -351,18 +397,18 @@ func (m *EncryptionConfigurationResponse) validateSecurityContext(formats strfmt
 	return nil
 }
 
-func (m *EncryptionConfigurationResponse) validateServer(formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) validateServerTLS(formats strfmt.Registry) error {
 
-	if swag.IsZero(m.Server) { // not required
+	if swag.IsZero(m.ServerTLS) { // not required
 		return nil
 	}
 
-	if m.Server != nil {
-		if err := m.Server.Validate(formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.Validate(formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -416,7 +462,11 @@ func (m *EncryptionConfigurationResponse) ContextValidate(ctx context.Context, f
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateMtlsClient(ctx, formats); err != nil {
+	if err := m.contextValidateKmsMtls(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateMinioMtls(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -424,7 +474,7 @@ func (m *EncryptionConfigurationResponse) ContextValidate(ctx context.Context, f
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateServer(ctx, formats); err != nil {
+	if err := m.contextValidateServerTLS(ctx, formats); err != nil {
 		res = append(res, err)
 	}
 
@@ -502,14 +552,30 @@ func (m *EncryptionConfigurationResponse) contextValidateGemalto(ctx context.Con
 	return nil
 }
 
-func (m *EncryptionConfigurationResponse) contextValidateMtlsClient(ctx context.Context, formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) contextValidateKmsMtls(ctx context.Context, formats strfmt.Registry) error {
 
-	if m.MtlsClient != nil {
-		if err := m.MtlsClient.ContextValidate(ctx, formats); err != nil {
+	if m.KmsMtls != nil {
+		if err := m.KmsMtls.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("mtls_client")
+				return ve.ValidateName("kms_mtls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("mtls_client")
+				return ce.ValidateName("kms_mtls")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponse) contextValidateMinioMtls(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.MinioMtls != nil {
+		if err := m.MinioMtls.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("minio_mtls")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("minio_mtls")
 			}
 			return err
 		}
@@ -534,14 +600,14 @@ func (m *EncryptionConfigurationResponse) contextValidateSecurityContext(ctx con
 	return nil
 }
 
-func (m *EncryptionConfigurationResponse) contextValidateServer(ctx context.Context, formats strfmt.Registry) error {
+func (m *EncryptionConfigurationResponse) contextValidateServerTLS(ctx context.Context, formats strfmt.Registry) error {
 
-	if m.Server != nil {
-		if err := m.Server.ContextValidate(ctx, formats); err != nil {
+	if m.ServerTLS != nil {
+		if err := m.ServerTLS.ContextValidate(ctx, formats); err != nil {
 			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("server")
+				return ve.ValidateName("server_tls")
 			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("server")
+				return ce.ValidateName("server_tls")
 			}
 			return err
 		}
@@ -583,3 +649,139 @@ func (m *EncryptionConfigurationResponse) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
+
+// EncryptionConfigurationResponseAO1KmsMtls encryption configuration response a o1 kms mtls
+//
+// swagger:model EncryptionConfigurationResponseAO1KmsMtls
+type EncryptionConfigurationResponseAO1KmsMtls struct {
+
+	// ca
+	Ca *CertificateInfo `json:"ca,omitempty"`
+
+	// crt
+	Crt *CertificateInfo `json:"crt,omitempty"`
+}
+
+// Validate validates this encryption configuration response a o1 kms mtls
+func (m *EncryptionConfigurationResponseAO1KmsMtls) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateCa(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateCrt(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) validateCa(formats strfmt.Registry) error {
+	if swag.IsZero(m.Ca) { // not required
+		return nil
+	}
+
+	if m.Ca != nil {
+		if err := m.Ca.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "ca")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "ca")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) validateCrt(formats strfmt.Registry) error {
+	if swag.IsZero(m.Crt) { // not required
+		return nil
+	}
+
+	if m.Crt != nil {
+		if err := m.Crt.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "crt")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "crt")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this encryption configuration response a o1 kms mtls based on the context it is used
+func (m *EncryptionConfigurationResponseAO1KmsMtls) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateCa(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.contextValidateCrt(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Ca != nil {
+		if err := m.Ca.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "ca")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "ca")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *EncryptionConfigurationResponseAO1KmsMtls) contextValidateCrt(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Crt != nil {
+		if err := m.Crt.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("kms_mtls" + "." + "crt")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("kms_mtls" + "." + "crt")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *EncryptionConfigurationResponseAO1KmsMtls) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *EncryptionConfigurationResponseAO1KmsMtls) UnmarshalBinary(b []byte) error {
+	var res EncryptionConfigurationResponseAO1KmsMtls
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/gemalto_configuration.go

@@ -135,9 +135,6 @@ type GemaltoConfigurationKeysecure struct {
 	// endpoint
 	// Required: true
 	Endpoint *string `json:"endpoint"`
-
-	// tls
-	TLS *GemaltoConfigurationKeysecureTLS `json:"tls,omitempty"`
 }
 
 // Validate validates this gemalto configuration keysecure
@@ -152,10 +149,6 @@ func (m *GemaltoConfigurationKeysecure) Validate(formats strfmt.Registry) error
 		res = append(res, err)
 	}
 
-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -191,25 +184,6 @@ func (m *GemaltoConfigurationKeysecure) validateEndpoint(formats strfmt.Registry
 	return nil
 }
 
-func (m *GemaltoConfigurationKeysecure) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this gemalto configuration keysecure based on the context it is used
 func (m *GemaltoConfigurationKeysecure) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -218,10 +192,6 @@ func (m *GemaltoConfigurationKeysecure) ContextValidate(ctx context.Context, for
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -244,22 +214,6 @@ func (m *GemaltoConfigurationKeysecure) contextValidateCredentials(ctx context.C
 	return nil
 }
 
-func (m *GemaltoConfigurationKeysecure) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *GemaltoConfigurationKeysecure) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -353,59 +307,3 @@ func (m *GemaltoConfigurationKeysecureCredentials) UnmarshalBinary(b []byte) err
 	*m = res
 	return nil
 }
-
-// GemaltoConfigurationKeysecureTLS gemalto configuration keysecure TLS
-//
-// swagger:model GemaltoConfigurationKeysecureTLS
-type GemaltoConfigurationKeysecureTLS struct {
-
-	// ca
-	// Required: true
-	Ca *string `json:"ca"`
-}
-
-// Validate validates this gemalto configuration keysecure TLS
-func (m *GemaltoConfigurationKeysecureTLS) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCa(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *GemaltoConfigurationKeysecureTLS) validateCa(formats strfmt.Registry) error {
-
-	if err := validate.Required("keysecure"+"."+"tls"+"."+"ca", "body", m.Ca); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// ContextValidate validates this gemalto configuration keysecure TLS based on context it is used
-func (m *GemaltoConfigurationKeysecureTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *GemaltoConfigurationKeysecureTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *GemaltoConfigurationKeysecureTLS) UnmarshalBinary(b []byte) error {
-	var res GemaltoConfigurationKeysecureTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/gemalto_configuration_response.go

@@ -135,9 +135,6 @@ type GemaltoConfigurationResponseKeysecure struct {
 	// endpoint
 	// Required: true
 	Endpoint *string `json:"endpoint"`
-
-	// tls
-	TLS *GemaltoConfigurationResponseKeysecureTLS `json:"tls,omitempty"`
 }
 
 // Validate validates this gemalto configuration response keysecure
@@ -152,10 +149,6 @@ func (m *GemaltoConfigurationResponseKeysecure) Validate(formats strfmt.Registry
 		res = append(res, err)
 	}
 
-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -191,25 +184,6 @@ func (m *GemaltoConfigurationResponseKeysecure) validateEndpoint(formats strfmt.
 	return nil
 }
 
-func (m *GemaltoConfigurationResponseKeysecure) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this gemalto configuration response keysecure based on the context it is used
 func (m *GemaltoConfigurationResponseKeysecure) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -218,10 +192,6 @@ func (m *GemaltoConfigurationResponseKeysecure) ContextValidate(ctx context.Cont
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -244,22 +214,6 @@ func (m *GemaltoConfigurationResponseKeysecure) contextValidateCredentials(ctx c
 	return nil
 }
 
-func (m *GemaltoConfigurationResponseKeysecure) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *GemaltoConfigurationResponseKeysecure) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -353,95 +307,3 @@ func (m *GemaltoConfigurationResponseKeysecureCredentials) UnmarshalBinary(b []b
 	*m = res
 	return nil
 }
-
-// GemaltoConfigurationResponseKeysecureTLS gemalto configuration response keysecure TLS
-//
-// swagger:model GemaltoConfigurationResponseKeysecureTLS
-type GemaltoConfigurationResponseKeysecureTLS struct {
-
-	// ca
-	// Required: true
-	Ca *CertificateInfo `json:"ca"`
-}
-
-// Validate validates this gemalto configuration response keysecure TLS
-func (m *GemaltoConfigurationResponseKeysecureTLS) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCa(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *GemaltoConfigurationResponseKeysecureTLS) validateCa(formats strfmt.Registry) error {
-
-	if err := validate.Required("keysecure"+"."+"tls"+"."+"ca", "body", m.Ca); err != nil {
-		return err
-	}
-
-	if m.Ca != nil {
-		if err := m.Ca.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this gemalto configuration response keysecure TLS based on the context it is used
-func (m *GemaltoConfigurationResponseKeysecureTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCa(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *GemaltoConfigurationResponseKeysecureTLS) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Ca != nil {
-		if err := m.Ca.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("keysecure" + "." + "tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *GemaltoConfigurationResponseKeysecureTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *GemaltoConfigurationResponseKeysecureTLS) UnmarshalBinary(b []byte) error {
-	var res GemaltoConfigurationResponseKeysecureTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/idp_list_configurations_response.go

@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IdpListConfigurationsResponse idp list configurations response
+//
+// swagger:model idpListConfigurationsResponse
+type IdpListConfigurationsResponse struct {
+
+	// results
+	Results []*IdpServerConfiguration `json:"results"`
+}
+
+// Validate validates this idp list configurations response
+func (m *IdpListConfigurationsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpListConfigurationsResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this idp list configurations response based on the context it is used
+func (m *IdpListConfigurationsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpListConfigurationsResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IdpListConfigurationsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IdpListConfigurationsResponse) UnmarshalBinary(b []byte) error {
+	var res IdpListConfigurationsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/idp_server_configuration.go

@@ -0,0 +1,145 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IdpServerConfiguration idp server configuration
+//
+// swagger:model idpServerConfiguration
+type IdpServerConfiguration struct {
+
+	// enabled
+	Enabled bool `json:"enabled,omitempty"`
+
+	// info
+	Info []*IdpServerConfigurationInfo `json:"info"`
+
+	// input
+	Input string `json:"input,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+
+	// type
+	Type string `json:"type,omitempty"`
+}
+
+// Validate validates this idp server configuration
+func (m *IdpServerConfiguration) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateInfo(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpServerConfiguration) validateInfo(formats strfmt.Registry) error {
+	if swag.IsZero(m.Info) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Info); i++ {
+		if swag.IsZero(m.Info[i]) { // not required
+			continue
+		}
+
+		if m.Info[i] != nil {
+			if err := m.Info[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("info" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("info" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this idp server configuration based on the context it is used
+func (m *IdpServerConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateInfo(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *IdpServerConfiguration) contextValidateInfo(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Info); i++ {
+
+		if m.Info[i] != nil {
+			if err := m.Info[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("info" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("info" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IdpServerConfiguration) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IdpServerConfiguration) UnmarshalBinary(b []byte) error {
+	var res IdpServerConfiguration
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/idp_server_configuration_info.go

@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// IdpServerConfigurationInfo idp server configuration info
+//
+// swagger:model idpServerConfigurationInfo
+type IdpServerConfigurationInfo struct {
+
+	// is cfg
+	IsCfg bool `json:"isCfg,omitempty"`
+
+	// is env
+	IsEnv bool `json:"isEnv,omitempty"`
+
+	// key
+	Key string `json:"key,omitempty"`
+
+	// value
+	Value string `json:"value,omitempty"`
+}
+
+// Validate validates this idp server configuration info
+func (m *IdpServerConfigurationInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this idp server configuration info based on context it is used
+func (m *IdpServerConfigurationInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *IdpServerConfigurationInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *IdpServerConfigurationInfo) UnmarshalBinary(b []byte) error {
+	var res IdpServerConfigurationInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_a_p_is_response.go

@@ -0,0 +1,133 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsAPIsResponse kms a p is response
+//
+// swagger:model kmsAPIsResponse
+type KmsAPIsResponse struct {
+
+	// results
+	Results []*KmsAPI `json:"results"`
+}
+
+// Validate validates this kms a p is response
+func (m *KmsAPIsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsAPIsResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms a p is response based on the context it is used
+func (m *KmsAPIsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsAPIsResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsAPIsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsAPIsResponse) UnmarshalBinary(b []byte) error {
+	var res KmsAPIsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_api.go

@@ -0,0 +1,76 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsAPI kms API
+//
+// swagger:model kmsAPI
+type KmsAPI struct {
+
+	// max body
+	MaxBody int64 `json:"maxBody,omitempty"`
+
+	// method
+	Method string `json:"method,omitempty"`
+
+	// path
+	Path string `json:"path,omitempty"`
+
+	// timeout
+	Timeout int64 `json:"timeout,omitempty"`
+}
+
+// Validate validates this kms API
+func (m *KmsAPI) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms API based on context it is used
+func (m *KmsAPI) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsAPI) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsAPI) UnmarshalBinary(b []byte) error {
+	var res KmsAPI
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_assign_policy_request.go

@@ -22,7 +22,46 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsAssignPolicyRequest kms assign policy request
 //
 // swagger:model kmsAssignPolicyRequest
-type KmsAssignPolicyRequest interface{}
+type KmsAssignPolicyRequest struct {
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+}
+
+// Validate validates this kms assign policy request
+func (m *KmsAssignPolicyRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms assign policy request based on context it is used
+func (m *KmsAssignPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsAssignPolicyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsAssignPolicyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsAssignPolicyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_create_key_request.go

@@ -22,7 +22,67 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
 // KmsCreateKeyRequest kms create key request
 //
 // swagger:model kmsCreateKeyRequest
-type KmsCreateKeyRequest interface{}
+type KmsCreateKeyRequest struct {
+
+	// key
+	// Required: true
+	Key *string `json:"key"`
+}
+
+// Validate validates this kms create key request
+func (m *KmsCreateKeyRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateKey(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsCreateKeyRequest) validateKey(formats strfmt.Registry) error {
+
+	if err := validate.Required("key", "body", m.Key); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this kms create key request based on context it is used
+func (m *KmsCreateKeyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsCreateKeyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsCreateKeyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsCreateKeyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_describe_identity_response.go

@@ -22,7 +22,58 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsDescribeIdentityResponse kms describe identity response
 //
 // swagger:model kmsDescribeIdentityResponse
-type KmsDescribeIdentityResponse interface{}
+type KmsDescribeIdentityResponse struct {
+
+	// admin
+	Admin bool `json:"admin,omitempty"`
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+
+	// policy
+	Policy string `json:"policy,omitempty"`
+}
+
+// Validate validates this kms describe identity response
+func (m *KmsDescribeIdentityResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms describe identity response based on context it is used
+func (m *KmsDescribeIdentityResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsDescribeIdentityResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsDescribeIdentityResponse) UnmarshalBinary(b []byte) error {
+	var res KmsDescribeIdentityResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_describe_policy_response.go

@@ -22,7 +22,52 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsDescribePolicyResponse kms describe policy response
 //
 // swagger:model kmsDescribePolicyResponse
-type KmsDescribePolicyResponse interface{}
+type KmsDescribePolicyResponse struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms describe policy response
+func (m *KmsDescribePolicyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms describe policy response based on context it is used
+func (m *KmsDescribePolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsDescribePolicyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsDescribePolicyResponse) UnmarshalBinary(b []byte) error {
+	var res KmsDescribePolicyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_describe_self_identity_response.go

@@ -22,7 +22,115 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsDescribeSelfIdentityResponse kms describe self identity response
 //
 // swagger:model kmsDescribeSelfIdentityResponse
-type KmsDescribeSelfIdentityResponse interface{}
+type KmsDescribeSelfIdentityResponse struct {
+
+	// admin
+	Admin bool `json:"admin,omitempty"`
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+
+	// policy
+	Policy *KmsGetPolicyResponse `json:"policy,omitempty"`
+
+	// policy name
+	PolicyName string `json:"policyName,omitempty"`
+}
+
+// Validate validates this kms describe self identity response
+func (m *KmsDescribeSelfIdentityResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validatePolicy(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsDescribeSelfIdentityResponse) validatePolicy(formats strfmt.Registry) error {
+	if swag.IsZero(m.Policy) { // not required
+		return nil
+	}
+
+	if m.Policy != nil {
+		if err := m.Policy.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("policy")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("policy")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms describe self identity response based on the context it is used
+func (m *KmsDescribeSelfIdentityResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidatePolicy(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsDescribeSelfIdentityResponse) contextValidatePolicy(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.Policy != nil {
+		if err := m.Policy.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("policy")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("policy")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsDescribeSelfIdentityResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsDescribeSelfIdentityResponse) UnmarshalBinary(b []byte) error {
+	var res KmsDescribeSelfIdentityResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_endpoint.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsEndpoint kms endpoint
+//
+// swagger:model kmsEndpoint
+type KmsEndpoint struct {
+
+	// status
+	Status string `json:"status,omitempty"`
+
+	// url
+	URL string `json:"url,omitempty"`
+}
+
+// Validate validates this kms endpoint
+func (m *KmsEndpoint) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms endpoint based on context it is used
+func (m *KmsEndpoint) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsEndpoint) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsEndpoint) UnmarshalBinary(b []byte) error {
+	var res KmsEndpoint
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_get_policy_request.go

@@ -1,28 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2022 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-// KmsGetPolicyRequest kms get policy request
-//
-// swagger:model kmsGetPolicyRequest
-type KmsGetPolicyRequest interface{}

models/kms_get_policy_response.go

@@ -22,7 +22,49 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsGetPolicyResponse kms get policy response
 //
 // swagger:model kmsGetPolicyResponse
-type KmsGetPolicyResponse interface{}
+type KmsGetPolicyResponse struct {
+
+	// allow
+	Allow []string `json:"allow"`
+
+	// deny
+	Deny []string `json:"deny"`
+}
+
+// Validate validates this kms get policy response
+func (m *KmsGetPolicyResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms get policy response based on context it is used
+func (m *KmsGetPolicyResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsGetPolicyResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsGetPolicyResponse) UnmarshalBinary(b []byte) error {
+	var res KmsGetPolicyResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_identity_info.go

@@ -0,0 +1,79 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsIdentityInfo kms identity info
+//
+// swagger:model kmsIdentityInfo
+type KmsIdentityInfo struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// error
+	Error string `json:"error,omitempty"`
+
+	// identity
+	Identity string `json:"identity,omitempty"`
+
+	// policy
+	Policy string `json:"policy,omitempty"`
+}
+
+// Validate validates this kms identity info
+func (m *KmsIdentityInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms identity info based on context it is used
+func (m *KmsIdentityInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsIdentityInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsIdentityInfo) UnmarshalBinary(b []byte) error {
+	var res KmsIdentityInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_import_key_request.go

@@ -22,7 +22,67 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
 // KmsImportKeyRequest kms import key request
 //
 // swagger:model kmsImportKeyRequest
-type KmsImportKeyRequest interface{}
+type KmsImportKeyRequest struct {
+
+	// bytes
+	// Required: true
+	Bytes *string `json:"bytes"`
+}
+
+// Validate validates this kms import key request
+func (m *KmsImportKeyRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateBytes(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsImportKeyRequest) validateBytes(formats strfmt.Registry) error {
+
+	if err := validate.Required("bytes", "body", m.Bytes); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this kms import key request based on context it is used
+func (m *KmsImportKeyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsImportKeyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsImportKeyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsImportKeyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_key_info.go

@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsKeyInfo kms key info
+//
+// swagger:model kmsKeyInfo
+type KmsKeyInfo struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms key info
+func (m *KmsKeyInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms key info based on context it is used
+func (m *KmsKeyInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsKeyInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsKeyInfo) UnmarshalBinary(b []byte) error {
+	var res KmsKeyInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_key_status_request.go

@@ -1,28 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2022 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-// KmsKeyStatusRequest kms key status request
-//
-// swagger:model kmsKeyStatusRequest
-type KmsKeyStatusRequest interface{}

models/kms_key_status_response.go

@@ -22,7 +22,52 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsKeyStatusResponse kms key status response
 //
 // swagger:model kmsKeyStatusResponse
-type KmsKeyStatusResponse interface{}
+type KmsKeyStatusResponse struct {
+
+	// decryption err
+	DecryptionErr string `json:"decryptionErr,omitempty"`
+
+	// encryption err
+	EncryptionErr string `json:"encryptionErr,omitempty"`
+
+	// key ID
+	KeyID string `json:"keyID,omitempty"`
+}
+
+// Validate validates this kms key status response
+func (m *KmsKeyStatusResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms key status response based on context it is used
+func (m *KmsKeyStatusResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsKeyStatusResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsKeyStatusResponse) UnmarshalBinary(b []byte) error {
+	var res KmsKeyStatusResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_latency_histogram.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsLatencyHistogram kms latency histogram
+//
+// swagger:model kmsLatencyHistogram
+type KmsLatencyHistogram struct {
+
+	// duration
+	Duration int64 `json:"duration,omitempty"`
+}
+
+// Validate validates this kms latency histogram
+func (m *KmsLatencyHistogram) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms latency histogram based on context it is used
+func (m *KmsLatencyHistogram) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsLatencyHistogram) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsLatencyHistogram) UnmarshalBinary(b []byte) error {
+	var res KmsLatencyHistogram
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_list_identities_response.go

@@ -22,7 +22,112 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsListIdentitiesResponse kms list identities response
 //
 // swagger:model kmsListIdentitiesResponse
-type KmsListIdentitiesResponse interface{}
+type KmsListIdentitiesResponse struct {
+
+	// results
+	Results []*KmsIdentityInfo `json:"results"`
+}
+
+// Validate validates this kms list identities response
+func (m *KmsListIdentitiesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListIdentitiesResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms list identities response based on the context it is used
+func (m *KmsListIdentitiesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListIdentitiesResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsListIdentitiesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsListIdentitiesResponse) UnmarshalBinary(b []byte) error {
+	var res KmsListIdentitiesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_list_keys_response.go

@@ -22,7 +22,112 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsListKeysResponse kms list keys response
 //
 // swagger:model kmsListKeysResponse
-type KmsListKeysResponse interface{}
+type KmsListKeysResponse struct {
+
+	// results
+	Results []*KmsKeyInfo `json:"results"`
+}
+
+// Validate validates this kms list keys response
+func (m *KmsListKeysResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListKeysResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms list keys response based on the context it is used
+func (m *KmsListKeysResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListKeysResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsListKeysResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsListKeysResponse) UnmarshalBinary(b []byte) error {
+	var res KmsListKeysResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_list_policies_request.go

@@ -1,28 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2022 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-// KmsListPoliciesRequest kms list policies request
-//
-// swagger:model kmsListPoliciesRequest
-type KmsListPoliciesRequest interface{}

models/kms_list_policies_response.go

@@ -22,7 +22,112 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsListPoliciesResponse kms list policies response
 //
 // swagger:model kmsListPoliciesResponse
-type KmsListPoliciesResponse interface{}
+type KmsListPoliciesResponse struct {
+
+	// results
+	Results []*KmsPolicyInfo `json:"results"`
+}
+
+// Validate validates this kms list policies response
+func (m *KmsListPoliciesResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateResults(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListPoliciesResponse) validateResults(formats strfmt.Registry) error {
+	if swag.IsZero(m.Results) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Results); i++ {
+		if swag.IsZero(m.Results[i]) { // not required
+			continue
+		}
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms list policies response based on the context it is used
+func (m *KmsListPoliciesResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateResults(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsListPoliciesResponse) contextValidateResults(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Results); i++ {
+
+		if m.Results[i] != nil {
+			if err := m.Results[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("results" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("results" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsListPoliciesResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsListPoliciesResponse) UnmarshalBinary(b []byte) error {
+	var res KmsListPoliciesResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_metrics_response.go

@@ -0,0 +1,331 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
+// KmsMetricsResponse kms metrics response
+//
+// swagger:model kmsMetricsResponse
+type KmsMetricsResponse struct {
+
+	// audit events
+	// Required: true
+	AuditEvents *int64 `json:"auditEvents"`
+
+	// cpus
+	// Required: true
+	Cpus *int64 `json:"cpus"`
+
+	// error events
+	// Required: true
+	ErrorEvents *int64 `json:"errorEvents"`
+
+	// heap alloc
+	// Required: true
+	HeapAlloc *int64 `json:"heapAlloc"`
+
+	// heap objects
+	HeapObjects int64 `json:"heapObjects,omitempty"`
+
+	// latency histogram
+	// Required: true
+	LatencyHistogram *KmsLatencyHistogram `json:"latencyHistogram"`
+
+	// request active
+	// Required: true
+	RequestActive *int64 `json:"requestActive"`
+
+	// request err
+	// Required: true
+	RequestErr *int64 `json:"requestErr"`
+
+	// request fail
+	// Required: true
+	RequestFail *int64 `json:"requestFail"`
+
+	// request o k
+	// Required: true
+	RequestOK *int64 `json:"requestOK"`
+
+	// stack alloc
+	// Required: true
+	StackAlloc *int64 `json:"stackAlloc"`
+
+	// threads
+	// Required: true
+	Threads *int64 `json:"threads"`
+
+	// uptime
+	// Required: true
+	Uptime *int64 `json:"uptime"`
+
+	// usable c p us
+	// Required: true
+	UsableCPUs *int64 `json:"usableCPUs"`
+}
+
+// Validate validates this kms metrics response
+func (m *KmsMetricsResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateAuditEvents(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateCpus(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateErrorEvents(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateHeapAlloc(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateLatencyHistogram(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestActive(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestErr(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestFail(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateRequestOK(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateStackAlloc(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateThreads(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUptime(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if err := m.validateUsableCPUs(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateAuditEvents(formats strfmt.Registry) error {
+
+	if err := validate.Required("auditEvents", "body", m.AuditEvents); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateCpus(formats strfmt.Registry) error {
+
+	if err := validate.Required("cpus", "body", m.Cpus); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateErrorEvents(formats strfmt.Registry) error {
+
+	if err := validate.Required("errorEvents", "body", m.ErrorEvents); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateHeapAlloc(formats strfmt.Registry) error {
+
+	if err := validate.Required("heapAlloc", "body", m.HeapAlloc); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateLatencyHistogram(formats strfmt.Registry) error {
+
+	if err := validate.Required("latencyHistogram", "body", m.LatencyHistogram); err != nil {
+		return err
+	}
+
+	if m.LatencyHistogram != nil {
+		if err := m.LatencyHistogram.Validate(formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("latencyHistogram")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("latencyHistogram")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestActive(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestActive", "body", m.RequestActive); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestErr(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestErr", "body", m.RequestErr); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestFail(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestFail", "body", m.RequestFail); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateRequestOK(formats strfmt.Registry) error {
+
+	if err := validate.Required("requestOK", "body", m.RequestOK); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateStackAlloc(formats strfmt.Registry) error {
+
+	if err := validate.Required("stackAlloc", "body", m.StackAlloc); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateThreads(formats strfmt.Registry) error {
+
+	if err := validate.Required("threads", "body", m.Threads); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateUptime(formats strfmt.Registry) error {
+
+	if err := validate.Required("uptime", "body", m.Uptime); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *KmsMetricsResponse) validateUsableCPUs(formats strfmt.Registry) error {
+
+	if err := validate.Required("usableCPUs", "body", m.UsableCPUs); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms metrics response based on the context it is used
+func (m *KmsMetricsResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateLatencyHistogram(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsMetricsResponse) contextValidateLatencyHistogram(ctx context.Context, formats strfmt.Registry) error {
+
+	if m.LatencyHistogram != nil {
+		if err := m.LatencyHistogram.ContextValidate(ctx, formats); err != nil {
+			if ve, ok := err.(*errors.Validation); ok {
+				return ve.ValidateName("latencyHistogram")
+			} else if ce, ok := err.(*errors.CompositeError); ok {
+				return ce.ValidateName("latencyHistogram")
+			}
+			return err
+		}
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsMetricsResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsMetricsResponse) UnmarshalBinary(b []byte) error {
+	var res KmsMetricsResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_policy_info.go

@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsPolicyInfo kms policy info
+//
+// swagger:model kmsPolicyInfo
+type KmsPolicyInfo struct {
+
+	// created at
+	CreatedAt string `json:"createdAt,omitempty"`
+
+	// created by
+	CreatedBy string `json:"createdBy,omitempty"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms policy info
+func (m *KmsPolicyInfo) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms policy info based on context it is used
+func (m *KmsPolicyInfo) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsPolicyInfo) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsPolicyInfo) UnmarshalBinary(b []byte) error {
+	var res KmsPolicyInfo
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_set_policy_request.go

@@ -22,7 +22,73 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+	"github.com/go-openapi/validate"
+)
+
 // KmsSetPolicyRequest kms set policy request
 //
 // swagger:model kmsSetPolicyRequest
-type KmsSetPolicyRequest interface{}
+type KmsSetPolicyRequest struct {
+
+	// allow
+	Allow []string `json:"allow"`
+
+	// deny
+	Deny []string `json:"deny"`
+
+	// policy
+	// Required: true
+	Policy *string `json:"policy"`
+}
+
+// Validate validates this kms set policy request
+func (m *KmsSetPolicyRequest) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validatePolicy(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsSetPolicyRequest) validatePolicy(formats strfmt.Registry) error {
+
+	if err := validate.Required("policy", "body", m.Policy); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ContextValidate validates this kms set policy request based on context it is used
+func (m *KmsSetPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsSetPolicyRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsSetPolicyRequest) UnmarshalBinary(b []byte) error {
+	var res KmsSetPolicyRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_status_request.go

@@ -1,28 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2022 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package models
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the swagger generate command
-
-// KmsStatusRequest kms status request
-//
-// swagger:model kmsStatusRequest
-type KmsStatusRequest interface{}

models/kms_status_response.go

@@ -22,7 +22,118 @@ package models
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 
+import (
+	"context"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
 // KmsStatusResponse kms status response
 //
 // swagger:model kmsStatusResponse
-type KmsStatusResponse interface{}
+type KmsStatusResponse struct {
+
+	// default key ID
+	DefaultKeyID string `json:"defaultKeyID,omitempty"`
+
+	// endpoints
+	Endpoints []*KmsEndpoint `json:"endpoints"`
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this kms status response
+func (m *KmsStatusResponse) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateEndpoints(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsStatusResponse) validateEndpoints(formats strfmt.Registry) error {
+	if swag.IsZero(m.Endpoints) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.Endpoints); i++ {
+		if swag.IsZero(m.Endpoints[i]) { // not required
+			continue
+		}
+
+		if m.Endpoints[i] != nil {
+			if err := m.Endpoints[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this kms status response based on the context it is used
+func (m *KmsStatusResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateEndpoints(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *KmsStatusResponse) contextValidateEndpoints(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.Endpoints); i++ {
+
+		if m.Endpoints[i] != nil {
+			if err := m.Endpoints[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("endpoints" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsStatusResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsStatusResponse) UnmarshalBinary(b []byte) error {
+	var res KmsStatusResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/kms_version_response.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// KmsVersionResponse kms version response
+//
+// swagger:model kmsVersionResponse
+type KmsVersionResponse struct {
+
+	// version
+	Version string `json:"version,omitempty"`
+}
+
+// Validate validates this kms version response
+func (m *KmsVersionResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this kms version response based on context it is used
+func (m *KmsVersionResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *KmsVersionResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *KmsVersionResponse) UnmarshalBinary(b []byte) error {
+	var res KmsVersionResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/login_details.go

@@ -25,6 +25,7 @@ package models
 import (
 	"context"
 	"encoding/json"
+	"strconv"
 
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
@@ -37,18 +38,18 @@ import (
 // swagger:model loginDetails
 type LoginDetails struct {
 
-	// display names
-	DisplayNames []string `json:"displayNames"`
-
 	// is direct p v
 	IsDirectPV bool `json:"isDirectPV,omitempty"`
 
+	// is k8 s
+	IsK8S bool `json:"isK8S,omitempty"`
+
 	// login strategy
 	// Enum: [form redirect service-account redirect-service-account]
 	LoginStrategy string `json:"loginStrategy,omitempty"`
 
-	// redirect
-	Redirect []string `json:"redirect"`
+	// redirect rules
+	RedirectRules []*RedirectRule `json:"redirectRules"`
 }
 
 // Validate validates this login details
@@ -59,6 +60,10 @@ func (m *LoginDetails) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
+	if err := m.validateRedirectRules(formats); err != nil {
+		res = append(res, err)
+	}
+
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -113,8 +118,63 @@ func (m *LoginDetails) validateLoginStrategy(formats strfmt.Registry) error {
 	return nil
 }
 
-// ContextValidate validates this login details based on context it is used
+func (m *LoginDetails) validateRedirectRules(formats strfmt.Registry) error {
+	if swag.IsZero(m.RedirectRules) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(m.RedirectRules); i++ {
+		if swag.IsZero(m.RedirectRules[i]) { // not required
+			continue
+		}
+
+		if m.RedirectRules[i] != nil {
+			if err := m.RedirectRules[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this login details based on the context it is used
 func (m *LoginDetails) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateRedirectRules(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *LoginDetails) contextValidateRedirectRules(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(m.RedirectRules); i++ {
+
+		if m.RedirectRules[i] != nil {
+			if err := m.RedirectRules[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("redirectRules" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
 	return nil
 }
 

models/login_response.go

@@ -34,6 +34,9 @@ import (
 // swagger:model loginResponse
 type LoginResponse struct {
 
+	// ID p refresh token
+	IDPRefreshToken string `json:"IDPRefreshToken,omitempty"`
+
 	// session Id
 	SessionID string `json:"sessionId,omitempty"`
 }

models/logout_request.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// LogoutRequest logout request
+//
+// swagger:model logoutRequest
+type LogoutRequest struct {
+
+	// state
+	State string `json:"state,omitempty"`
+}
+
+// Validate validates this logout request
+func (m *LogoutRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this logout request based on context it is used
+func (m *LogoutRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LogoutRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LogoutRequest) UnmarshalBinary(b []byte) error {
+	var res LogoutRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/redirect_rule.go

@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// RedirectRule redirect rule
+//
+// swagger:model redirectRule
+type RedirectRule struct {
+
+	// display name
+	DisplayName string `json:"displayName,omitempty"`
+
+	// redirect
+	Redirect string `json:"redirect,omitempty"`
+}
+
+// Validate validates this redirect rule
+func (m *RedirectRule) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this redirect rule based on context it is used
+func (m *RedirectRule) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *RedirectRule) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *RedirectRule) UnmarshalBinary(b []byte) error {
+	var res RedirectRule
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/rewind_item.go

@@ -40,6 +40,9 @@ type RewindItem struct {
 	// delete flag
 	DeleteFlag bool `json:"delete_flag,omitempty"`
 
+	// is latest
+	IsLatest bool `json:"is_latest,omitempty"`
+
 	// last modified
 	LastModified string `json:"last_modified,omitempty"`
 

models/session_response.go

@@ -59,6 +59,9 @@ type SessionResponse struct {
 	// permissions
 	Permissions map[string][]string `json:"permissions,omitempty"`
 
+	// server end point
+	ServerEndPoint string `json:"serverEndPoint,omitempty"`
+
 	// status
 	// Enum: [ok]
 	Status string `json:"status,omitempty"`

models/set_id_p_response.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2022 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// SetIDPResponse set ID p response
+//
+// swagger:model setIDPResponse
+type SetIDPResponse struct {
+
+	// restart
+	Restart bool `json:"restart,omitempty"`
+}
+
+// Validate validates this set ID p response
+func (m *SetIDPResponse) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this set ID p response based on context it is used
+func (m *SetIDPResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *SetIDPResponse) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *SetIDPResponse) UnmarshalBinary(b []byte) error {
+	var res SetIDPResponse
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/tier.go

@@ -49,6 +49,9 @@ type Tier struct {
 	// s3
 	S3 *TierS3 `json:"s3,omitempty"`
 
+	// status
+	Status bool `json:"status,omitempty"`
+
 	// type
 	// Enum: [s3 gcs azure minio unsupported]
 	Type string `json:"type,omitempty"`

models/vault_configuration.go

@@ -55,9 +55,6 @@ type VaultConfiguration struct {
 
 	// status
 	Status *VaultConfigurationStatus `json:"status,omitempty"`
-
-	// tls
-	TLS *VaultConfigurationTLS `json:"tls,omitempty"`
 }
 
 // Validate validates this vault configuration
@@ -76,10 +73,6 @@ func (m *VaultConfiguration) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -134,25 +127,6 @@ func (m *VaultConfiguration) validateStatus(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *VaultConfiguration) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this vault configuration based on the context it is used
 func (m *VaultConfiguration) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -165,10 +139,6 @@ func (m *VaultConfiguration) ContextValidate(ctx context.Context, formats strfmt
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -207,22 +177,6 @@ func (m *VaultConfiguration) contextValidateStatus(ctx context.Context, formats
 	return nil
 }
 
-func (m *VaultConfiguration) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *VaultConfiguration) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -356,46 +310,3 @@ func (m *VaultConfigurationStatus) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
-
-// VaultConfigurationTLS vault configuration TLS
-//
-// swagger:model VaultConfigurationTLS
-type VaultConfigurationTLS struct {
-
-	// ca
-	Ca string `json:"ca,omitempty"`
-
-	// crt
-	Crt string `json:"crt,omitempty"`
-
-	// key
-	Key string `json:"key,omitempty"`
-}
-
-// Validate validates this vault configuration TLS
-func (m *VaultConfigurationTLS) Validate(formats strfmt.Registry) error {
-	return nil
-}
-
-// ContextValidate validates this vault configuration TLS based on context it is used
-func (m *VaultConfigurationTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *VaultConfigurationTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *VaultConfigurationTLS) UnmarshalBinary(b []byte) error {
-	var res VaultConfigurationTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

models/vault_configuration_response.go

@@ -55,9 +55,6 @@ type VaultConfigurationResponse struct {
 
 	// status
 	Status *VaultConfigurationResponseStatus `json:"status,omitempty"`
-
-	// tls
-	TLS *VaultConfigurationResponseTLS `json:"tls,omitempty"`
 }
 
 // Validate validates this vault configuration response
@@ -76,10 +73,6 @@ func (m *VaultConfigurationResponse) Validate(formats strfmt.Registry) error {
 		res = append(res, err)
 	}
 
-	if err := m.validateTLS(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -134,25 +127,6 @@ func (m *VaultConfigurationResponse) validateStatus(formats strfmt.Registry) err
 	return nil
 }
 
-func (m *VaultConfigurationResponse) validateTLS(formats strfmt.Registry) error {
-	if swag.IsZero(m.TLS) { // not required
-		return nil
-	}
-
-	if m.TLS != nil {
-		if err := m.TLS.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // ContextValidate validate this vault configuration response based on the context it is used
 func (m *VaultConfigurationResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
@@ -165,10 +139,6 @@ func (m *VaultConfigurationResponse) ContextValidate(ctx context.Context, format
 		res = append(res, err)
 	}
 
-	if err := m.contextValidateTLS(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
@@ -207,22 +177,6 @@ func (m *VaultConfigurationResponse) contextValidateStatus(ctx context.Context,
 	return nil
 }
 
-func (m *VaultConfigurationResponse) contextValidateTLS(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.TLS != nil {
-		if err := m.TLS.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 // MarshalBinary interface implementation
 func (m *VaultConfigurationResponse) MarshalBinary() ([]byte, error) {
 	if m == nil {
@@ -356,139 +310,3 @@ func (m *VaultConfigurationResponseStatus) UnmarshalBinary(b []byte) error {
 	*m = res
 	return nil
 }
-
-// VaultConfigurationResponseTLS vault configuration response TLS
-//
-// swagger:model VaultConfigurationResponseTLS
-type VaultConfigurationResponseTLS struct {
-
-	// ca
-	Ca *CertificateInfo `json:"ca,omitempty"`
-
-	// crt
-	Crt *CertificateInfo `json:"crt,omitempty"`
-}
-
-// Validate validates this vault configuration response TLS
-func (m *VaultConfigurationResponseTLS) Validate(formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.validateCa(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.validateCrt(formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) validateCa(formats strfmt.Registry) error {
-	if swag.IsZero(m.Ca) { // not required
-		return nil
-	}
-
-	if m.Ca != nil {
-		if err := m.Ca.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) validateCrt(formats strfmt.Registry) error {
-	if swag.IsZero(m.Crt) { // not required
-		return nil
-	}
-
-	if m.Crt != nil {
-		if err := m.Crt.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "crt")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "crt")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// ContextValidate validate this vault configuration response TLS based on the context it is used
-func (m *VaultConfigurationResponseTLS) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidateCa(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if err := m.contextValidateCrt(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) contextValidateCa(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Ca != nil {
-		if err := m.Ca.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "ca")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "ca")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (m *VaultConfigurationResponseTLS) contextValidateCrt(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Crt != nil {
-		if err := m.Crt.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("tls" + "." + "crt")
-			} else if ce, ok := err.(*errors.CompositeError); ok {
-				return ce.ValidateName("tls" + "." + "crt")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
-// MarshalBinary interface implementation
-func (m *VaultConfigurationResponseTLS) MarshalBinary() ([]byte, error) {
-	if m == nil {
-		return nil, nil
-	}
-	return swag.WriteJSON(m)
-}
-
-// UnmarshalBinary interface implementation
-func (m *VaultConfigurationResponseTLS) UnmarshalBinary(b []byte) error {
-	var res VaultConfigurationResponseTLS
-	if err := swag.ReadJSON(b, &res); err != nil {
-		return err
-	}
-	*m = res
-	return nil
-}

operatorapi/embedded_spec.go

@@ -3045,10 +3045,6 @@ func init() {
               "type": "object",
               "$ref": "#/definitions/azureConfiguration"
             },
-            "client": {
-              "type": "object",
-              "$ref": "#/definitions/keyPairConfiguration"
-            },
             "gcp": {
               "type": "object",
               "$ref": "#/definitions/gcpConfiguration"
@@ -3060,6 +3056,27 @@ func init() {
             "image": {
               "type": "string"
             },
+            "kms_mtls": {
+              "type": "object",
+              "properties": {
+                "ca": {
+                  "type": "string"
+                },
+                "crt": {
+                  "type": "string"
+                },
+                "key": {
+                  "type": "string"
+                }
+              }
+            },
+            "minio_mtls": {
+              "type": "object",
+              "$ref": "#/definitions/keyPairConfiguration"
+            },
+            "raw": {
+              "type": "string"
+            },
             "replicas": {
               "type": "string"
             },
@@ -3073,7 +3090,7 @@ func init() {
               "type": "object",
               "$ref": "#/definitions/securityContext"
             },
-            "server": {
+            "server_tls": {
               "type": "object",
               "$ref": "#/definitions/keyPairConfiguration"
             },
@@ -3112,10 +3129,26 @@ func init() {
             "image": {
               "type": "string"
             },
-            "mtls_client": {
+            "kms_mtls": {
+              "type": "object",
+              "properties": {
+                "ca": {
+                  "type": "object",
+                  "$ref": "#/definitions/certificateInfo"
+                },
+                "crt": {
+                  "type": "object",
+                  "$ref": "#/definitions/certificateInfo"
+                }
+              }
+            },
+            "minio_mtls": {
               "type": "object",
               "$ref": "#/definitions/certificateInfo"
             },
+            "raw": {
+              "type": "string"
+            },
             "replicas": {
               "type": "string"
             },
@@ -3123,7 +3156,7 @@ func init() {
               "type": "object",
               "$ref": "#/definitions/securityContext"
             },
-            "server": {
+            "server_tls": {
               "type": "object",
               "$ref": "#/definitions/certificateInfo"
             },
@@ -3298,17 +3331,6 @@ func init() {
             },
             "endpoint": {
               "type": "string"
-            },
-            "tls": {
-              "type": "object",
-              "required": [
-                "ca"
-              ],
-              "properties": {
-                "ca": {
-                  "type": "string"
-                }
-              }
             }
           }
         }
@@ -3348,18 +3370,6 @@ func init() {
             },
             "endpoint": {
               "type": "string"
-            },
-            "tls": {
-              "type": "object",
-              "required": [
-                "ca"
-              ],
-              "properties": {
-                "ca": {
-                  "type": "object",
-                  "$ref": "#/definitions/certificateInfo"
-                }
-              }
             }
           }
         }
@@ -3613,15 +3623,12 @@ func init() {
     "loginDetails": {
       "type": "object",
       "properties": {
-        "displayNames": {
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
         "isDirectPV": {
           "type": "boolean"
         },
+        "isK8S": {
+          "type": "boolean"
+        },
         "loginStrategy": {
           "type": "string",
           "enum": [
@@ -3631,10 +3638,10 @@ func init() {
             "redirect-service-account"
           ]
         },
-        "redirect": {
+        "redirectRules": {
           "type": "array",
           "items": {
-            "type": "string"
+            "$ref": "#/definitions/redirectRule"
           }
         }
       }
@@ -4386,6 +4393,17 @@ func init() {
         }
       }
     },
+    "redirectRule": {
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "type": "string"
+        },
+        "redirect": {
+          "type": "string"
+        }
+      }
+    },
     "resourceQuota": {
       "type": "object",
       "properties": {
@@ -5134,20 +5152,6 @@ func init() {
               "format": "int64"
             }
           }
-        },
-        "tls": {
-          "type": "object",
-          "properties": {
-            "ca": {
-              "type": "string"
-            },
-            "crt": {
-              "type": "string"
-            },
-            "key": {
-              "type": "string"
-            }
-          }
         }
       }
     },
@@ -5200,19 +5204,6 @@ func init() {
               "format": "int64"
             }
           }
-        },
-        "tls": {
-          "type": "object",
-          "properties": {
-            "ca": {
-              "type": "object",
-              "$ref": "#/definitions/certificateInfo"
-            },
-            "crt": {
-              "type": "object",
-              "$ref": "#/definitions/certificateInfo"
-            }
-          }
         }
       }
     },
@@ -7742,6 +7733,33 @@ func init() {
         }
       }
     },
+    "EncryptionConfigurationAO1KmsMtls": {
+      "type": "object",
+      "properties": {
+        "ca": {
+          "type": "string"
+        },
+        "crt": {
+          "type": "string"
+        },
+        "key": {
+          "type": "string"
+        }
+      }
+    },
+    "EncryptionConfigurationResponseAO1KmsMtls": {
+      "type": "object",
+      "properties": {
+        "ca": {
+          "type": "object",
+          "$ref": "#/definitions/certificateInfo"
+        },
+        "crt": {
+          "type": "object",
+          "$ref": "#/definitions/certificateInfo"
+        }
+      }
+    },
     "GcpConfigurationSecretmanager": {
       "type": "object",
       "required": [
@@ -7818,17 +7836,6 @@ func init() {
         },
         "endpoint": {
           "type": "string"
-        },
-        "tls": {
-          "type": "object",
-          "required": [
-            "ca"
-          ],
-          "properties": {
-            "ca": {
-              "type": "string"
-            }
-          }
         }
       }
     },
@@ -7851,17 +7858,6 @@ func init() {
         }
       }
     },
-    "GemaltoConfigurationKeysecureTLS": {
-      "type": "object",
-      "required": [
-        "ca"
-      ],
-      "properties": {
-        "ca": {
-          "type": "string"
-        }
-      }
-    },
     "GemaltoConfigurationResponseKeysecure": {
       "type": "object",
       "required": [
@@ -7890,18 +7886,6 @@ func init() {
         },
         "endpoint": {
           "type": "string"
-        },
-        "tls": {
-          "type": "object",
-          "required": [
-            "ca"
-          ],
-          "properties": {
-            "ca": {
-              "type": "object",
-              "$ref": "#/definitions/certificateInfo"
-            }
-          }
         }
       }
     },
@@ -7924,18 +7908,6 @@ func init() {
         }
       }
     },
-    "GemaltoConfigurationResponseKeysecureTLS": {
-      "type": "object",
-      "required": [
-        "ca"
-      ],
-      "properties": {
-        "ca": {
-          "type": "object",
-          "$ref": "#/definitions/certificateInfo"
-        }
-      }
-    },
     "IdpConfigurationActiveDirectory": {
       "type": "object",
       "required": [
@@ -8457,19 +8429,6 @@ func init() {
         }
       }
     },
-    "VaultConfigurationResponseTLS": {
-      "type": "object",
-      "properties": {
-        "ca": {
-          "type": "object",
-          "$ref": "#/definitions/certificateInfo"
-        },
-        "crt": {
-          "type": "object",
-          "$ref": "#/definitions/certificateInfo"
-        }
-      }
-    },
     "VaultConfigurationStatus": {
       "type": "object",
       "properties": {
@@ -8479,20 +8438,6 @@ func init() {
         }
       }
     },
-    "VaultConfigurationTLS": {
-      "type": "object",
-      "properties": {
-        "ca": {
-          "type": "string"
-        },
-        "crt": {
-          "type": "string"
-        },
-        "key": {
-          "type": "string"
-        }
-      }
-    },
     "allocatableResourcesResponse": {
       "type": "object",
       "properties": {
@@ -9111,10 +9056,6 @@ func init() {
               "type": "object",
               "$ref": "#/definitions/azureConfiguration"
             },
-            "client": {
-              "type": "object",
-              "$ref": "#/definitions/keyPairConfiguration"
-            },
             "gcp": {
               "type": "object",
               "$ref": "#/definitions/gcpConfiguration"
@@ -9126,6 +9067,27 @@ func init() {
             "image": {
               "type": "string"
             },
+            "kms_mtls": {
+              "type": "object",
+              "properties": {
+                "ca": {
+                  "type": "string"
+                },
+                "crt": {
+                  "type": "string"
+                },
+                "key": {
+                  "type": "string"
+                }
+              }
+            },
+            "minio_mtls": {
+              "type": "object",
+              "$ref": "#/definitions/keyPairConfiguration"
+            },
+            "raw": {
+              "type": "string"
+            },
             "replicas": {
               "type": "string"
             },
@@ -9139,7 +9101,7 @@ func init() {
               "type": "object",
               "$ref": "#/definitions/securityContext"
             },
-            "server": {
+            "server_tls": {
               "type": "object",
               "$ref": "#/definitions/keyPairConfiguration"
             },
@@ -9178,10 +9140,26 @@ func init() {
             "image": {
               "type": "string"
             },
-            "mtls_client": {
+            "kms_mtls": {
+              "type": "object",
+              "properties": {
+                "ca": {
+                  "type": "object",
+                  "$ref": "#/definitions/certificateInfo"
+                },
+                "crt": {
+                  "type": "object",
+                  "$ref": "#/definitions/certificateInfo"
+                }
+              }
+            },
+            "minio_mtls": {
               "type": "object",
               "$ref": "#/definitions/certificateInfo"
             },
+            "raw": {
+              "type": "string"
+            },
             "replicas": {
               "type": "string"
             },
@@ -9189,7 +9167,7 @@ func init() {
               "type": "object",
               "$ref": "#/definitions/securityContext"
             },
-            "server": {
+            "server_tls": {
               "type": "object",
               "$ref": "#/definitions/certificateInfo"
             },
@@ -9364,17 +9342,6 @@ func init() {
             },
             "endpoint": {
               "type": "string"
-            },
-            "tls": {
-              "type": "object",
-              "required": [
-                "ca"
-              ],
-              "properties": {
-                "ca": {
-                  "type": "string"
-                }
-              }
             }
           }
         }
@@ -9414,18 +9381,6 @@ func init() {
             },
             "endpoint": {
               "type": "string"
-            },
-            "tls": {
-              "type": "object",
-              "required": [
-                "ca"
-              ],
-              "properties": {
-                "ca": {
-                  "type": "object",
-                  "$ref": "#/definitions/certificateInfo"
-                }
-              }
             }
           }
         }
@@ -9667,15 +9622,12 @@ func init() {
     "loginDetails": {
       "type": "object",
       "properties": {
-        "displayNames": {
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
         "isDirectPV": {
           "type": "boolean"
         },
+        "isK8S": {
+          "type": "boolean"
+        },
         "loginStrategy": {
           "type": "string",
           "enum": [
@@ -9685,10 +9637,10 @@ func init() {
             "redirect-service-account"
           ]
         },
-        "redirect": {
+        "redirectRules": {
           "type": "array",
           "items": {
-            "type": "string"
+            "$ref": "#/definitions/redirectRule"
           }
         }
       }
@@ -10305,6 +10257,17 @@ func init() {
         }
       }
     },
+    "redirectRule": {
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "type": "string"
+        },
+        "redirect": {
+          "type": "string"
+        }
+      }
+    },
     "resourceQuota": {
       "type": "object",
       "properties": {
@@ -11053,20 +11016,6 @@ func init() {
               "format": "int64"
             }
           }
-        },
-        "tls": {
-          "type": "object",
-          "properties": {
-            "ca": {
-              "type": "string"
-            },
-            "crt": {
-              "type": "string"
-            },
-            "key": {
-              "type": "string"
-            }
-          }
         }
       }
     },
@@ -11119,19 +11068,6 @@ func init() {
               "format": "int64"
             }
           }
-        },
-        "tls": {
-          "type": "object",
-          "properties": {
-            "ca": {
-              "type": "object",
-              "$ref": "#/definitions/certificateInfo"
-            },
-            "crt": {
-              "type": "object",
-              "$ref": "#/definitions/certificateInfo"
-            }
-          }
         }
       }
     },

operatorapi/login.go

@@ -25,6 +25,7 @@ import (
 	xoauth2 "golang.org/x/oauth2"
 
 	"github.com/minio/minio-go/v7/pkg/credentials"
+	"github.com/minio/pkg/env"
 
 	"github.com/minio/console/restapi"
 
@@ -93,6 +94,15 @@ func login(credentials restapi.ConsoleCredentialsI) (*string, error) {
 	return &token, nil
 }
 
+// isKubernetes returns true if minio is running in kubernetes.
+func isKubernetes() bool {
+	// Kubernetes env used to validate if we are
+	// indeed running inside a kubernetes pod
+	// is KUBERNETES_SERVICE_HOST
+	// https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/kubelet_pods.go#L541
+	return env.Get("KUBERNETES_SERVICE_HOST", "") != ""
+}
+
 // getLoginDetailsResponse returns information regarding the Console authentication mechanism.
 func getLoginDetailsResponse(params authApi.LoginDetailParams) (*models.LoginDetails, *models.Error) {
 	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
@@ -101,12 +111,13 @@ func getLoginDetailsResponse(params authApi.LoginDetailParams) (*models.LoginDet
 	r := params.HTTPRequest
 
 	loginStrategy := models.LoginDetailsLoginStrategyServiceDashAccount
-	redirectURL := []string{}
+
+	var redirectRules []*models.RedirectRule
 
 	if oauth2.IsIDPEnabled() {
 		loginStrategy = models.LoginDetailsLoginStrategyRedirectDashServiceDashAccount
 		// initialize new oauth2 client
-		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient())
+		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient(""))
 		if err != nil {
 			return nil, restapi.ErrorWithContext(ctx, err)
 		}
@@ -115,13 +126,20 @@ func getLoginDetailsResponse(params authApi.LoginDetailParams) (*models.LoginDet
 			KeyFunc: oauth2.DefaultDerivedKey,
 			Client:  oauth2Client,
 		}
-		redirectURL = append(redirectURL, identityProvider.GenerateLoginURL())
+
+		newRedirectRule := &models.RedirectRule{
+			Redirect:    identityProvider.GenerateLoginURL(),
+			DisplayName: "Login with SSO",
+		}
+
+		redirectRules = append(redirectRules, newRedirectRule)
 	}
 
 	loginDetails := &models.LoginDetails{
 		LoginStrategy: loginStrategy,
-		Redirect:      redirectURL,
+		RedirectRules: redirectRules,
 		IsDirectPV:    getDirectPVEnabled(),
+		IsK8S:         isKubernetes(),
 	}
 	return loginDetails, nil
 }
@@ -144,7 +162,7 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams) (*models.L
 
 	if oauth2.IsIDPEnabled() {
 		// initialize new oauth2 client
-		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient())
+		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient(""))
 		if err != nil {
 			return nil, restapi.ErrorWithContext(ctx, err)
 		}

operatorapi/operator_subnet.go

@@ -88,7 +88,7 @@ func getOperatorSubnetLoginResponse(session *models.Principal, params operator_a
 	if username == "" || password == "" {
 		return nil, restapi.ErrorWithContext(ctx, errors.New("empty credentials"))
 	}
-	subnetHTTPClient := &xhttp.Client{Client: restapi.GetConsoleHTTPClient()}
+	subnetHTTPClient := &xhttp.Client{Client: restapi.GetConsoleHTTPClient("")}
 	token, mfa, err := restapi.SubnetLogin(subnetHTTPClient, username, password)
 	if err != nil {
 		return nil, restapi.ErrorWithContext(ctx, err)
@@ -102,7 +102,7 @@ func getOperatorSubnetLoginResponse(session *models.Principal, params operator_a
 func getOperatorSubnetLoginMFAResponse(session *models.Principal, params operator_api.OperatorSubnetLoginMFAParams) (*models.OperatorSubnetLoginResponse, *models.Error) {
 	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
 	defer cancel()
-	subnetHTTPClient := &xhttp.Client{Client: restapi.GetConsoleHTTPClient()}
+	subnetHTTPClient := &xhttp.Client{Client: restapi.GetConsoleHTTPClient("")}
 	res, err := subnet.LoginWithMFA(subnetHTTPClient, *params.Body.Username, *params.Body.MfaToken, *params.Body.Otp)
 	if err != nil {
 		return nil, restapi.ErrorWithContext(ctx, err)
@@ -115,7 +115,7 @@ func getOperatorSubnetLoginMFAResponse(session *models.Principal, params operato
 func getOperatorSubnetAPIKeyResponse(session *models.Principal, params operator_api.OperatorSubnetAPIKeyParams) (*models.OperatorSubnetAPIKey, *models.Error) {
 	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
 	defer cancel()
-	subnetHTTPClient := &xhttp.Client{Client: restapi.GetConsoleHTTPClient()}
+	subnetHTTPClient := &xhttp.Client{Client: restapi.GetConsoleHTTPClient("")}
 	token := params.HTTPRequest.URL.Query().Get("token")
 	apiKey, err := subnet.GetAPIKey(subnetHTTPClient, token)
 	if err != nil {

operatorapi/tenant_add.go

@@ -291,9 +291,9 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
 	// If encryption configuration is present and TLS will be enabled (using AutoCert or External certificates)
 	if tenantReq.Encryption != nil && canEncryptionBeEnabled {
 		// KES client mTLSCertificates used by MinIO instance
-		if tenantReq.Encryption.Client != nil {
+		if tenantReq.Encryption.MinioMtls != nil {
 			tenantExternalClientCertSecretName := fmt.Sprintf("%s-external-client-certificate-kes", tenantName)
-			certificates := []*models.KeyPairConfiguration{tenantReq.Encryption.Client}
+			certificates := []*models.KeyPairConfiguration{tenantReq.Encryption.MinioMtls}
 			certificateSecrets, err := createOrReplaceExternalCertSecrets(ctx, &k8sClient, ns, certificates, tenantExternalClientCertSecretName, tenantName)
 			if err != nil {
 				return nil, restapi.ErrorWithContext(ctx, restapi.ErrDefault)

operatorapi/tenant_logs_handlers.go

@@ -0,0 +1,455 @@
+package operatorapi
+
+import (
+	"context"
+	"fmt"
+	"reflect"
+	"strconv"
+
+	"github.com/dustin/go-humanize"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/swag"
+	"github.com/minio/console/cluster"
+	"github.com/minio/console/models"
+	"github.com/minio/console/operatorapi/operations"
+	"github.com/minio/console/operatorapi/operations/operator_api"
+	"github.com/minio/console/restapi"
+	miniov2 "github.com/minio/operator/pkg/apis/minio.min.io/v2"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func registerTenantLogsHandlers(api *operations.OperatorAPI) {
+	api.OperatorAPIGetTenantLogsHandler = operator_api.GetTenantLogsHandlerFunc(func(params operator_api.GetTenantLogsParams, session *models.Principal) middleware.Responder {
+		payload, err := getTenantLogsResponse(session, params)
+		if err != nil {
+			return operator_api.NewGetTenantLogsDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewGetTenantLogsOK().WithPayload(payload)
+	})
+
+	api.OperatorAPISetTenantLogsHandler = operator_api.SetTenantLogsHandlerFunc(func(params operator_api.SetTenantLogsParams, session *models.Principal) middleware.Responder {
+		payload, err := setTenantLogsResponse(session, params)
+		if err != nil {
+			return operator_api.NewSetTenantLogsDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewSetTenantLogsOK().WithPayload(payload)
+	})
+
+	api.OperatorAPIEnableTenantLoggingHandler = operator_api.EnableTenantLoggingHandlerFunc(func(params operator_api.EnableTenantLoggingParams, session *models.Principal) middleware.Responder {
+		payload, err := enableTenantLoggingResponse(session, params)
+		if err != nil {
+			return operator_api.NewEnableTenantLoggingDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewEnableTenantLoggingOK().WithPayload(payload)
+	})
+
+	api.OperatorAPIDisableTenantLoggingHandler = operator_api.DisableTenantLoggingHandlerFunc(func(params operator_api.DisableTenantLoggingParams, session *models.Principal) middleware.Responder {
+		payload, err := disableTenantLoggingResponse(session, params)
+		if err != nil {
+			return operator_api.NewDisableTenantLoggingDefault(int(err.Code)).WithPayload(err)
+		}
+		return operator_api.NewDisableTenantLoggingOK().WithPayload(payload)
+	})
+}
+
+// getTenantLogsResponse returns the Audit Log and Log DB configuration of a tenant
+func getTenantLogsResponse(session *models.Principal, params operator_api.GetTenantLogsParams) (*models.TenantLogs, *models.Error) {
+	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+	defer cancel()
+
+	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
+	if err != nil {
+		return nil, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantLogs)
+	}
+
+	opClient := &operatorClient{
+		client: opClientClientSet,
+	}
+
+	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
+	if err != nil {
+		return nil, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantLogs)
+	}
+	if minTenant.Spec.Log == nil {
+		return &models.TenantLogs{
+			Disabled: true,
+		}, nil
+	}
+	annotations := []*models.Annotation{}
+	for k, v := range minTenant.Spec.Log.Annotations {
+		annotations = append(annotations, &models.Annotation{Key: k, Value: v})
+	}
+	labels := []*models.Label{}
+	for k, v := range minTenant.Spec.Log.Labels {
+		labels = append(labels, &models.Label{Key: k, Value: v})
+	}
+	nodeSelector := []*models.NodeSelector{}
+	for k, v := range minTenant.Spec.Log.NodeSelector {
+		nodeSelector = append(nodeSelector, &models.NodeSelector{Key: k, Value: v})
+	}
+	if minTenant.Spec.Log.Db == nil {
+		minTenant.Spec.Log.Db = &miniov2.LogDbConfig{}
+	}
+	dbAnnotations := []*models.Annotation{}
+	for k, v := range minTenant.Spec.Log.Db.Annotations {
+		dbAnnotations = append(dbAnnotations, &models.Annotation{Key: k, Value: v})
+	}
+	dbLabels := []*models.Label{}
+	for k, v := range minTenant.Spec.Log.Db.Labels {
+		dbLabels = append(dbLabels, &models.Label{Key: k, Value: v})
+	}
+	dbNodeSelector := []*models.NodeSelector{}
+	for k, v := range minTenant.Spec.Log.Db.NodeSelector {
+		dbNodeSelector = append(dbNodeSelector, &models.NodeSelector{Key: k, Value: v})
+	}
+	var logSecurityContext *models.SecurityContext
+	var logDBSecurityContext *models.SecurityContext
+
+	if minTenant.Spec.Log.SecurityContext != nil {
+		logSecurityContext = convertK8sSCToModelSC(minTenant.Spec.Log.SecurityContext)
+	}
+	if minTenant.Spec.Log.Db.SecurityContext != nil {
+		logDBSecurityContext = convertK8sSCToModelSC(minTenant.Spec.Log.Db.SecurityContext)
+	}
+
+	if minTenant.Spec.Log.Audit == nil || minTenant.Spec.Log.Audit.DiskCapacityGB == nil {
+		minTenant.Spec.Log.Audit = &miniov2.AuditConfig{DiskCapacityGB: swag.Int(0)}
+	}
+
+	tenantLoggingConfiguration := &models.TenantLogs{
+		Image:                minTenant.Spec.Log.Image,
+		DiskCapacityGB:       fmt.Sprintf("%d", *minTenant.Spec.Log.Audit.DiskCapacityGB),
+		Annotations:          annotations,
+		Labels:               labels,
+		NodeSelector:         nodeSelector,
+		ServiceAccountName:   minTenant.Spec.Log.ServiceAccountName,
+		SecurityContext:      logSecurityContext,
+		DbImage:              minTenant.Spec.Log.Db.Image,
+		DbInitImage:          minTenant.Spec.Log.Db.InitImage,
+		DbAnnotations:        dbAnnotations,
+		DbLabels:             dbLabels,
+		DbNodeSelector:       dbNodeSelector,
+		DbServiceAccountName: minTenant.Spec.Log.Db.ServiceAccountName,
+		DbSecurityContext:    logDBSecurityContext,
+		Disabled:             false,
+	}
+
+	var requestedCPU string
+	var requestedMem string
+	var requestedDBCPU string
+	var requestedDBMem string
+
+	if minTenant.Spec.Log.Resources.Requests != nil {
+		requestedCPUQ := minTenant.Spec.Log.Resources.Requests["cpu"]
+		requestedCPU = strconv.FormatInt(requestedCPUQ.Value(), 10)
+		requestedMemQ := minTenant.Spec.Log.Resources.Requests["memory"]
+		requestedMem = strconv.FormatInt(requestedMemQ.Value(), 10)
+
+		requestedDBCPUQ := minTenant.Spec.Log.Db.Resources.Requests["cpu"]
+		requestedDBCPU = strconv.FormatInt(requestedDBCPUQ.Value(), 10)
+		requestedDBMemQ := minTenant.Spec.Log.Db.Resources.Requests["memory"]
+		requestedDBMem = strconv.FormatInt(requestedDBMemQ.Value(), 10)
+
+		tenantLoggingConfiguration.LogCPURequest = requestedCPU
+		tenantLoggingConfiguration.LogMemRequest = requestedMem
+		tenantLoggingConfiguration.LogDBCPURequest = requestedDBCPU
+		tenantLoggingConfiguration.LogDBMemRequest = requestedDBMem
+	}
+	return tenantLoggingConfiguration, nil
+}
+
+// setTenantLogsResponse updates the Audit Log and Log DB configuration for the tenant
+func setTenantLogsResponse(session *models.Principal, params operator_api.SetTenantLogsParams) (bool, *models.Error) {
+	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+	defer cancel()
+	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+
+	opClient := &operatorClient{
+		client: opClientClientSet,
+	}
+
+	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+
+	labels := make(map[string]string)
+	if params.Data.Labels != nil {
+		for i := 0; i < len(params.Data.Labels); i++ {
+			if params.Data.Labels[i] != nil {
+				labels[params.Data.Labels[i].Key] = params.Data.Labels[i].Value
+			}
+		}
+		minTenant.Spec.Log.Labels = labels
+	}
+
+	if params.Data.Annotations != nil {
+		annotations := make(map[string]string)
+		for i := 0; i < len(params.Data.Annotations); i++ {
+			if params.Data.Annotations[i] != nil {
+				annotations[params.Data.Annotations[i].Key] = params.Data.Annotations[i].Value
+			}
+		}
+		minTenant.Spec.Log.Annotations = annotations
+	}
+	if params.Data.NodeSelector != nil {
+		nodeSelector := make(map[string]string)
+		for i := 0; i < len(params.Data.NodeSelector); i++ {
+			if params.Data.NodeSelector[i] != nil {
+				nodeSelector[params.Data.NodeSelector[i].Key] = params.Data.NodeSelector[i].Value
+			}
+		}
+		minTenant.Spec.Log.NodeSelector = nodeSelector
+	}
+	logResourceRequest := make(corev1.ResourceList)
+	if len(params.Data.LogCPURequest) > 0 {
+		if reflect.TypeOf(params.Data.LogCPURequest).Kind() == reflect.String && params.Data.LogCPURequest != "0Gi" && params.Data.LogCPURequest != "" {
+			cpuQuantity, err := resource.ParseQuantity(params.Data.LogCPURequest)
+			if err != nil {
+				return false, restapi.ErrorWithContext(ctx, err)
+			}
+			logResourceRequest["cpu"] = cpuQuantity
+			minTenant.Spec.Log.Resources.Requests = logResourceRequest
+		}
+	}
+	if len(params.Data.LogMemRequest) > 0 {
+		if reflect.TypeOf(params.Data.LogMemRequest).Kind() == reflect.String && params.Data.LogMemRequest != "" {
+			memQuantity, err := resource.ParseQuantity(params.Data.LogMemRequest)
+			if err != nil {
+				return false, restapi.ErrorWithContext(ctx, err)
+			}
+
+			logResourceRequest["memory"] = memQuantity
+			minTenant.Spec.Log.Resources.Requests = logResourceRequest
+		}
+	}
+
+	modified := false
+	if minTenant.Spec.Log.Db != nil {
+		modified = true
+	}
+	dbLabels := make(map[string]string)
+	if params.Data.DbLabels != nil {
+		for i := 0; i < len(params.Data.DbLabels); i++ {
+			if params.Data.DbLabels[i] != nil {
+				dbLabels[params.Data.DbLabels[i].Key] = params.Data.DbLabels[i].Value
+			}
+			modified = true
+		}
+	}
+	dbAnnotations := make(map[string]string)
+	if params.Data.DbAnnotations != nil {
+		for i := 0; i < len(params.Data.DbAnnotations); i++ {
+			if params.Data.DbAnnotations[i] != nil {
+				dbAnnotations[params.Data.DbAnnotations[i].Key] = params.Data.DbAnnotations[i].Value
+			}
+			modified = true
+		}
+	}
+	dbNodeSelector := make(map[string]string)
+	if params.Data.DbNodeSelector != nil {
+		for i := 0; i < len(params.Data.DbNodeSelector); i++ {
+			if params.Data.DbNodeSelector[i] != nil {
+				dbNodeSelector[params.Data.DbNodeSelector[i].Key] = params.Data.DbNodeSelector[i].Value
+			}
+			modified = true
+		}
+	}
+	logDBResourceRequest := make(corev1.ResourceList)
+	if len(params.Data.LogDBCPURequest) > 0 {
+		if reflect.TypeOf(params.Data.LogDBCPURequest).Kind() == reflect.String && params.Data.LogDBCPURequest != "0Gi" && params.Data.LogDBCPURequest != "" {
+			dbCPUQuantity, err := resource.ParseQuantity(params.Data.LogDBCPURequest)
+			if err != nil {
+				return false, restapi.ErrorWithContext(ctx, err)
+			}
+			logDBResourceRequest["cpu"] = dbCPUQuantity
+			minTenant.Spec.Log.Db.Resources.Requests = logDBResourceRequest
+		}
+	}
+	if len(params.Data.LogDBMemRequest) > 0 {
+		if reflect.TypeOf(params.Data.LogDBMemRequest).Kind() == reflect.String && params.Data.LogDBMemRequest != "" {
+			dbMemQuantity, err := resource.ParseQuantity(params.Data.LogDBMemRequest)
+			if err != nil {
+				return false, restapi.ErrorWithContext(ctx, err)
+			}
+			logDBResourceRequest["memory"] = dbMemQuantity
+			minTenant.Spec.Log.Db.Resources.Requests = logDBResourceRequest
+		}
+	}
+	if len(params.Data.Image) > 0 {
+		minTenant.Spec.Log.Image = params.Data.Image
+	}
+	if params.Data.SecurityContext != nil {
+		minTenant.Spec.Log.SecurityContext, err = convertModelSCToK8sSC(params.Data.SecurityContext)
+		if err != nil {
+			return false, restapi.ErrorWithContext(ctx, err)
+		}
+	}
+	if len(params.Data.DiskCapacityGB) > 0 {
+		diskCapacityGB, err := strconv.Atoi(params.Data.DiskCapacityGB)
+		if err == nil {
+			if minTenant.Spec.Log.Audit != nil && minTenant.Spec.Log.Audit.DiskCapacityGB != nil {
+				*minTenant.Spec.Log.Audit.DiskCapacityGB = diskCapacityGB
+			} else {
+				minTenant.Spec.Log.Audit = &miniov2.AuditConfig{DiskCapacityGB: swag.Int(diskCapacityGB)}
+			}
+		}
+	}
+	if len(params.Data.ServiceAccountName) > 0 {
+		minTenant.Spec.Log.ServiceAccountName = params.Data.ServiceAccountName
+	}
+	if params.Data.DbLabels != nil {
+
+		if params.Data.DbImage != "" || params.Data.DbServiceAccountName != "" {
+			modified = true
+		}
+		if modified {
+			if minTenant.Spec.Log.Db == nil {
+				// Default class name for Log search
+				diskSpaceFromAPI := int64(5) * humanize.GiByte // Default is 5Gi
+				logSearchStorageClass := "standard"
+
+				logSearchDiskSpace := resource.NewQuantity(diskSpaceFromAPI, resource.DecimalExponent)
+
+				minTenant.Spec.Log.Db = &miniov2.LogDbConfig{
+					VolumeClaimTemplate: &corev1.PersistentVolumeClaim{
+						ObjectMeta: metav1.ObjectMeta{
+							Name: params.Tenant + "-log",
+						},
+						Spec: corev1.PersistentVolumeClaimSpec{
+							AccessModes: []corev1.PersistentVolumeAccessMode{
+								corev1.ReadWriteOnce,
+							},
+							Resources: corev1.ResourceRequirements{
+								Requests: corev1.ResourceList{
+									corev1.ResourceStorage: *logSearchDiskSpace,
+								},
+							},
+							StorageClassName: &logSearchStorageClass,
+						},
+					},
+					Labels:             dbLabels,
+					Annotations:        dbAnnotations,
+					NodeSelector:       dbNodeSelector,
+					Image:              params.Data.DbImage,
+					ServiceAccountName: params.Data.DbServiceAccountName,
+					Resources: corev1.ResourceRequirements{
+						Requests: minTenant.Spec.Log.Db.Resources.Requests,
+					},
+				}
+			} else {
+				minTenant.Spec.Log.Db.Labels = dbLabels
+				minTenant.Spec.Log.Db.Annotations = dbAnnotations
+				minTenant.Spec.Log.Db.NodeSelector = dbNodeSelector
+				minTenant.Spec.Log.Db.Image = params.Data.DbImage
+				minTenant.Spec.Log.Db.InitImage = params.Data.DbInitImage
+				minTenant.Spec.Log.Db.ServiceAccountName = params.Data.DbServiceAccountName
+				minTenant.Spec.Log.Db.SecurityContext, err = convertModelSCToK8sSC(params.Data.DbSecurityContext)
+				if err != nil {
+					return false, restapi.ErrorWithContext(ctx, err)
+				}
+			}
+		}
+	}
+
+	_, err = opClient.TenantUpdate(ctx, minTenant, metav1.UpdateOptions{})
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err)
+	}
+	return true, nil
+}
+
+// enableTenantLoggingResponse enables Tenant Logging
+func enableTenantLoggingResponse(session *models.Principal, params operator_api.EnableTenantLoggingParams) (bool, *models.Error) {
+	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+	defer cancel()
+
+	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+
+	opClient := &operatorClient{
+		client: opClientClientSet,
+	}
+
+	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+	minTenant.EnsureDefaults()
+	// Default class name for Log search
+	diskSpaceFromAPI := int64(5) * humanize.GiByte // Default is 5Gi
+	logSearchStorageClass := "standard"
+
+	logSearchDiskSpace := resource.NewQuantity(diskSpaceFromAPI, resource.DecimalExponent)
+
+	auditMaxCap := 10
+	if (diskSpaceFromAPI / humanize.GiByte) < int64(auditMaxCap) {
+		auditMaxCap = int(diskSpaceFromAPI / humanize.GiByte)
+	}
+
+	minTenant.Spec.Log = &miniov2.LogConfig{
+		Audit: &miniov2.AuditConfig{DiskCapacityGB: swag.Int(auditMaxCap)},
+		Db: &miniov2.LogDbConfig{
+			VolumeClaimTemplate: &corev1.PersistentVolumeClaim{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: params.Tenant + "-log",
+				},
+				Spec: corev1.PersistentVolumeClaimSpec{
+					AccessModes: []corev1.PersistentVolumeAccessMode{
+						corev1.ReadWriteOnce,
+					},
+					Resources: corev1.ResourceRequirements{
+						Requests: corev1.ResourceList{
+							corev1.ResourceStorage: *logSearchDiskSpace,
+						},
+					},
+					StorageClassName: &logSearchStorageClass,
+				},
+			},
+		},
+	}
+
+	_, err = opClient.TenantUpdate(ctx, minTenant, metav1.UpdateOptions{})
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err)
+	}
+	return true, nil
+}
+
+// disableTenantLoggingResponse disables Tenant Logging
+func disableTenantLoggingResponse(session *models.Principal, params operator_api.DisableTenantLoggingParams) (bool, *models.Error) {
+	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+	defer cancel()
+
+	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+
+	opClient := &operatorClient{
+		client: opClientClientSet,
+	}
+
+	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
+	}
+	minTenant.EnsureDefaults()
+	minTenant.Spec.Log = nil
+
+	_, err = opClient.TenantUpdate(ctx, minTenant, metav1.UpdateOptions{})
+	if err != nil {
+		return false, restapi.ErrorWithContext(ctx, err)
+	}
+	return true, nil
+}

operatorapi/tenants.go

@@ -27,7 +27,6 @@ import (
 	"fmt"
 	"net"
 	"net/http"
-	"reflect"
 	"sort"
 	"strconv"
 	"strings"
@@ -35,8 +34,7 @@ import (
 
 	utils2 "github.com/minio/console/pkg/http"
 
-	"github.com/dustin/go-humanize"
-	"github.com/minio/madmin-go"
+	"github.com/minio/madmin-go/v2"
 
 	"github.com/minio/console/restapi"
 
@@ -218,39 +216,7 @@ func registerTenantHandlers(api *operations.OperatorAPI) {
 		return operator_api.NewGetTenantUsageOK().WithPayload(payload)
 	})
 
-	// Get Tenant Logs
-	api.OperatorAPIGetTenantLogsHandler = operator_api.GetTenantLogsHandlerFunc(func(params operator_api.GetTenantLogsParams, session *models.Principal) middleware.Responder {
-		payload, err := getTenantLogsResponse(session, params)
-		if err != nil {
-			return operator_api.NewGetTenantLogsDefault(int(err.Code)).WithPayload(err)
-		}
-		return operator_api.NewGetTenantLogsOK().WithPayload(payload)
-	})
-
-	api.OperatorAPISetTenantLogsHandler = operator_api.SetTenantLogsHandlerFunc(func(params operator_api.SetTenantLogsParams, session *models.Principal) middleware.Responder {
-		payload, err := setTenantLogsResponse(session, params)
-		if err != nil {
-			return operator_api.NewSetTenantLogsDefault(int(err.Code)).WithPayload(err)
-		}
-		return operator_api.NewSetTenantLogsOK().WithPayload(payload)
-	})
-
-	// Get Tenant Logs
-	api.OperatorAPIEnableTenantLoggingHandler = operator_api.EnableTenantLoggingHandlerFunc(func(params operator_api.EnableTenantLoggingParams, session *models.Principal) middleware.Responder {
-		payload, err := enableTenantLoggingResponse(session, params)
-		if err != nil {
-			return operator_api.NewEnableTenantLoggingDefault(int(err.Code)).WithPayload(err)
-		}
-		return operator_api.NewEnableTenantLoggingOK().WithPayload(payload)
-	})
-
-	api.OperatorAPIDisableTenantLoggingHandler = operator_api.DisableTenantLoggingHandlerFunc(func(params operator_api.DisableTenantLoggingParams, session *models.Principal) middleware.Responder {
-		payload, err := disableTenantLoggingResponse(session, params)
-		if err != nil {
-			return operator_api.NewDisableTenantLoggingDefault(int(err.Code)).WithPayload(err)
-		}
-		return operator_api.NewDisableTenantLoggingOK().WithPayload(payload)
-	})
+	registerTenantLogsHandlers(api)
 
 	api.OperatorAPIGetTenantPodsHandler = operator_api.GetTenantPodsHandlerFunc(func(params operator_api.GetTenantPodsParams, session *models.Principal) middleware.Responder {
 		payload, err := getTenantPodsResponse(session, params)
@@ -1571,406 +1537,6 @@ func getTenantUsageResponse(session *models.Principal, params operator_api.GetTe
 	return info, nil
 }
 
-// getTenantLogsResponse returns the Audit Log and Log DB configuration of a tenant
-func getTenantLogsResponse(session *models.Principal, params operator_api.GetTenantLogsParams) (*models.TenantLogs, *models.Error) {
-	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
-	defer cancel()
-
-	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
-	if err != nil {
-		return nil, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantLogs)
-	}
-
-	opClient := &operatorClient{
-		client: opClientClientSet,
-	}
-
-	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
-	if err != nil {
-		return nil, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantLogs)
-	}
-	if minTenant.Spec.Log == nil {
-		return &models.TenantLogs{
-			Disabled: true,
-		}, nil
-	}
-	annotations := []*models.Annotation{}
-	for k, v := range minTenant.Spec.Log.Annotations {
-		annotations = append(annotations, &models.Annotation{Key: k, Value: v})
-	}
-	labels := []*models.Label{}
-	for k, v := range minTenant.Spec.Log.Labels {
-		labels = append(labels, &models.Label{Key: k, Value: v})
-	}
-	nodeSelector := []*models.NodeSelector{}
-	for k, v := range minTenant.Spec.Log.NodeSelector {
-		nodeSelector = append(nodeSelector, &models.NodeSelector{Key: k, Value: v})
-	}
-	if minTenant.Spec.Log.Db == nil {
-		minTenant.Spec.Log.Db = &miniov2.LogDbConfig{}
-	}
-	dbAnnotations := []*models.Annotation{}
-	for k, v := range minTenant.Spec.Log.Db.Annotations {
-		dbAnnotations = append(dbAnnotations, &models.Annotation{Key: k, Value: v})
-	}
-	dbLabels := []*models.Label{}
-	for k, v := range minTenant.Spec.Log.Db.Labels {
-		dbLabels = append(dbLabels, &models.Label{Key: k, Value: v})
-	}
-	dbNodeSelector := []*models.NodeSelector{}
-	for k, v := range minTenant.Spec.Log.Db.NodeSelector {
-		dbNodeSelector = append(dbNodeSelector, &models.NodeSelector{Key: k, Value: v})
-	}
-	var logSecurityContext *models.SecurityContext
-	var logDBSecurityContext *models.SecurityContext
-
-	if minTenant.Spec.Log.SecurityContext != nil {
-		logSecurityContext = convertK8sSCToModelSC(minTenant.Spec.Log.SecurityContext)
-	}
-	if minTenant.Spec.Log.Db.SecurityContext != nil {
-		logDBSecurityContext = convertK8sSCToModelSC(minTenant.Spec.Log.Db.SecurityContext)
-	}
-
-	if minTenant.Spec.Log.Audit == nil || minTenant.Spec.Log.Audit.DiskCapacityGB == nil {
-		minTenant.Spec.Log.Audit = &miniov2.AuditConfig{DiskCapacityGB: swag.Int(0)}
-	}
-
-	tenantLoggingConfiguration := &models.TenantLogs{
-		Image:                minTenant.Spec.Log.Image,
-		DiskCapacityGB:       fmt.Sprintf("%d", *minTenant.Spec.Log.Audit.DiskCapacityGB),
-		Annotations:          annotations,
-		Labels:               labels,
-		NodeSelector:         nodeSelector,
-		ServiceAccountName:   minTenant.Spec.Log.ServiceAccountName,
-		SecurityContext:      logSecurityContext,
-		DbImage:              minTenant.Spec.Log.Db.Image,
-		DbInitImage:          minTenant.Spec.Log.Db.InitImage,
-		DbAnnotations:        dbAnnotations,
-		DbLabels:             dbLabels,
-		DbNodeSelector:       dbNodeSelector,
-		DbServiceAccountName: minTenant.Spec.Log.Db.ServiceAccountName,
-		DbSecurityContext:    logDBSecurityContext,
-		Disabled:             false,
-	}
-
-	var requestedCPU string
-	var requestedMem string
-	var requestedDBCPU string
-	var requestedDBMem string
-
-	if minTenant.Spec.Log.Resources.Requests != nil {
-		requestedCPUQ := minTenant.Spec.Log.Resources.Requests["cpu"]
-		requestedCPU = strconv.FormatInt(requestedCPUQ.Value(), 10)
-		requestedMemQ := minTenant.Spec.Log.Resources.Requests["memory"]
-		requestedMem = strconv.FormatInt(requestedMemQ.Value(), 10)
-
-		requestedDBCPUQ := minTenant.Spec.Log.Db.Resources.Requests["cpu"]
-		requestedDBCPU = strconv.FormatInt(requestedDBCPUQ.Value(), 10)
-		requestedDBMemQ := minTenant.Spec.Log.Db.Resources.Requests["memory"]
-		requestedDBMem = strconv.FormatInt(requestedDBMemQ.Value(), 10)
-
-		tenantLoggingConfiguration.LogCPURequest = requestedCPU
-		tenantLoggingConfiguration.LogMemRequest = requestedMem
-		tenantLoggingConfiguration.LogDBCPURequest = requestedDBCPU
-		tenantLoggingConfiguration.LogDBMemRequest = requestedDBMem
-	}
-	return tenantLoggingConfiguration, nil
-}
-
-// setTenantLogsResponse updates the Audit Log and Log DB configuration for the tenant
-func setTenantLogsResponse(session *models.Principal, params operator_api.SetTenantLogsParams) (bool, *models.Error) {
-	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
-	defer cancel()
-	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-
-	opClient := &operatorClient{
-		client: opClientClientSet,
-	}
-
-	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-
-	labels := make(map[string]string)
-	if params.Data.Labels != nil {
-		for i := 0; i < len(params.Data.Labels); i++ {
-			if params.Data.Labels[i] != nil {
-				labels[params.Data.Labels[i].Key] = params.Data.Labels[i].Value
-			}
-		}
-		minTenant.Spec.Log.Labels = labels
-	}
-
-	if params.Data.Annotations != nil {
-		annotations := make(map[string]string)
-		for i := 0; i < len(params.Data.Annotations); i++ {
-			if params.Data.Annotations[i] != nil {
-				annotations[params.Data.Annotations[i].Key] = params.Data.Annotations[i].Value
-			}
-		}
-		minTenant.Spec.Log.Annotations = annotations
-	}
-	if params.Data.NodeSelector != nil {
-		nodeSelector := make(map[string]string)
-		for i := 0; i < len(params.Data.NodeSelector); i++ {
-			if params.Data.NodeSelector[i] != nil {
-				nodeSelector[params.Data.NodeSelector[i].Key] = params.Data.NodeSelector[i].Value
-			}
-		}
-		minTenant.Spec.Log.NodeSelector = nodeSelector
-	}
-	logResourceRequest := make(corev1.ResourceList)
-	if len(params.Data.LogCPURequest) > 0 {
-		if reflect.TypeOf(params.Data.LogCPURequest).Kind() == reflect.String && params.Data.LogCPURequest != "0Gi" && params.Data.LogCPURequest != "" {
-			cpuQuantity, err := resource.ParseQuantity(params.Data.LogCPURequest)
-			if err != nil {
-				return false, restapi.ErrorWithContext(ctx, err)
-			}
-			logResourceRequest["cpu"] = cpuQuantity
-			minTenant.Spec.Log.Resources.Requests = logResourceRequest
-		}
-	}
-	if len(params.Data.LogMemRequest) > 0 {
-		if reflect.TypeOf(params.Data.LogMemRequest).Kind() == reflect.String && params.Data.LogMemRequest != "" {
-			memQuantity, err := resource.ParseQuantity(params.Data.LogMemRequest)
-			if err != nil {
-				return false, restapi.ErrorWithContext(ctx, err)
-			}
-
-			logResourceRequest["memory"] = memQuantity
-			minTenant.Spec.Log.Resources.Requests = logResourceRequest
-		}
-	}
-
-	modified := false
-	if minTenant.Spec.Log.Db != nil {
-		modified = true
-	}
-	dbLabels := make(map[string]string)
-	if params.Data.DbLabels != nil {
-		for i := 0; i < len(params.Data.DbLabels); i++ {
-			if params.Data.DbLabels[i] != nil {
-				dbLabels[params.Data.DbLabels[i].Key] = params.Data.DbLabels[i].Value
-			}
-			modified = true
-		}
-	}
-	dbAnnotations := make(map[string]string)
-	if params.Data.DbAnnotations != nil {
-		for i := 0; i < len(params.Data.DbAnnotations); i++ {
-			if params.Data.DbAnnotations[i] != nil {
-				dbAnnotations[params.Data.DbAnnotations[i].Key] = params.Data.DbAnnotations[i].Value
-			}
-			modified = true
-		}
-	}
-	dbNodeSelector := make(map[string]string)
-	if params.Data.DbNodeSelector != nil {
-		for i := 0; i < len(params.Data.DbNodeSelector); i++ {
-			if params.Data.DbNodeSelector[i] != nil {
-				dbNodeSelector[params.Data.DbNodeSelector[i].Key] = params.Data.DbNodeSelector[i].Value
-			}
-			modified = true
-		}
-	}
-	logDBResourceRequest := make(corev1.ResourceList)
-	if len(params.Data.LogDBCPURequest) > 0 {
-		if reflect.TypeOf(params.Data.LogDBCPURequest).Kind() == reflect.String && params.Data.LogDBCPURequest != "0Gi" && params.Data.LogDBCPURequest != "" {
-			dbCPUQuantity, err := resource.ParseQuantity(params.Data.LogDBCPURequest)
-			if err != nil {
-				return false, restapi.ErrorWithContext(ctx, err)
-			}
-			logDBResourceRequest["cpu"] = dbCPUQuantity
-			minTenant.Spec.Log.Db.Resources.Requests = logDBResourceRequest
-		}
-	}
-	if len(params.Data.LogDBMemRequest) > 0 {
-		if reflect.TypeOf(params.Data.LogDBMemRequest).Kind() == reflect.String && params.Data.LogDBMemRequest != "" {
-			dbMemQuantity, err := resource.ParseQuantity(params.Data.LogDBMemRequest)
-			if err != nil {
-				return false, restapi.ErrorWithContext(ctx, err)
-			}
-			logDBResourceRequest["memory"] = dbMemQuantity
-			minTenant.Spec.Log.Db.Resources.Requests = logDBResourceRequest
-		}
-	}
-	if len(params.Data.Image) > 0 {
-		minTenant.Spec.Log.Image = params.Data.Image
-	}
-	if params.Data.SecurityContext != nil {
-		minTenant.Spec.Log.SecurityContext, err = convertModelSCToK8sSC(params.Data.SecurityContext)
-		if err != nil {
-			return false, restapi.ErrorWithContext(ctx, err)
-		}
-	}
-	if len(params.Data.DiskCapacityGB) > 0 {
-		diskCapacityGB, err := strconv.Atoi(params.Data.DiskCapacityGB)
-		if err == nil {
-			if minTenant.Spec.Log.Audit != nil && minTenant.Spec.Log.Audit.DiskCapacityGB != nil {
-				*minTenant.Spec.Log.Audit.DiskCapacityGB = diskCapacityGB
-			} else {
-				minTenant.Spec.Log.Audit = &miniov2.AuditConfig{DiskCapacityGB: swag.Int(diskCapacityGB)}
-			}
-		}
-	}
-	if len(params.Data.ServiceAccountName) > 0 {
-		minTenant.Spec.Log.ServiceAccountName = params.Data.ServiceAccountName
-	}
-	if params.Data.DbLabels != nil {
-
-		if params.Data.DbImage != "" || params.Data.DbServiceAccountName != "" {
-			modified = true
-		}
-		if modified {
-			if minTenant.Spec.Log.Db == nil {
-				// Default class name for Log search
-				diskSpaceFromAPI := int64(5) * humanize.GiByte // Default is 5Gi
-				logSearchStorageClass := "standard"
-
-				logSearchDiskSpace := resource.NewQuantity(diskSpaceFromAPI, resource.DecimalExponent)
-
-				minTenant.Spec.Log.Db = &miniov2.LogDbConfig{
-					VolumeClaimTemplate: &corev1.PersistentVolumeClaim{
-						ObjectMeta: metav1.ObjectMeta{
-							Name: params.Tenant + "-log",
-						},
-						Spec: corev1.PersistentVolumeClaimSpec{
-							AccessModes: []corev1.PersistentVolumeAccessMode{
-								corev1.ReadWriteOnce,
-							},
-							Resources: corev1.ResourceRequirements{
-								Requests: corev1.ResourceList{
-									corev1.ResourceStorage: *logSearchDiskSpace,
-								},
-							},
-							StorageClassName: &logSearchStorageClass,
-						},
-					},
-					Labels:             dbLabels,
-					Annotations:        dbAnnotations,
-					NodeSelector:       dbNodeSelector,
-					Image:              params.Data.DbImage,
-					ServiceAccountName: params.Data.DbServiceAccountName,
-					Resources: corev1.ResourceRequirements{
-						Requests: minTenant.Spec.Log.Db.Resources.Requests,
-					},
-				}
-			} else {
-				minTenant.Spec.Log.Db.Labels = dbLabels
-				minTenant.Spec.Log.Db.Annotations = dbAnnotations
-				minTenant.Spec.Log.Db.NodeSelector = dbNodeSelector
-				minTenant.Spec.Log.Db.Image = params.Data.DbImage
-				minTenant.Spec.Log.Db.InitImage = params.Data.DbInitImage
-				minTenant.Spec.Log.Db.ServiceAccountName = params.Data.DbServiceAccountName
-				minTenant.Spec.Log.Db.SecurityContext, err = convertModelSCToK8sSC(params.Data.DbSecurityContext)
-				if err != nil {
-					return false, restapi.ErrorWithContext(ctx, err)
-				}
-			}
-		}
-	}
-
-	_, err = opClient.TenantUpdate(ctx, minTenant, metav1.UpdateOptions{})
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err)
-	}
-	return true, nil
-}
-
-// enableTenantLoggingResponse enables Tenant Logging
-func enableTenantLoggingResponse(session *models.Principal, params operator_api.EnableTenantLoggingParams) (bool, *models.Error) {
-	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
-	defer cancel()
-
-	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-
-	opClient := &operatorClient{
-		client: opClientClientSet,
-	}
-
-	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-	minTenant.EnsureDefaults()
-	// Default class name for Log search
-	diskSpaceFromAPI := int64(5) * humanize.GiByte // Default is 5Gi
-	logSearchStorageClass := "standard"
-
-	logSearchDiskSpace := resource.NewQuantity(diskSpaceFromAPI, resource.DecimalExponent)
-
-	auditMaxCap := 10
-	if (diskSpaceFromAPI / humanize.GiByte) < int64(auditMaxCap) {
-		auditMaxCap = int(diskSpaceFromAPI / humanize.GiByte)
-	}
-
-	minTenant.Spec.Log = &miniov2.LogConfig{
-		Audit: &miniov2.AuditConfig{DiskCapacityGB: swag.Int(auditMaxCap)},
-		Db: &miniov2.LogDbConfig{
-			VolumeClaimTemplate: &corev1.PersistentVolumeClaim{
-				ObjectMeta: metav1.ObjectMeta{
-					Name: params.Tenant + "-log",
-				},
-				Spec: corev1.PersistentVolumeClaimSpec{
-					AccessModes: []corev1.PersistentVolumeAccessMode{
-						corev1.ReadWriteOnce,
-					},
-					Resources: corev1.ResourceRequirements{
-						Requests: corev1.ResourceList{
-							corev1.ResourceStorage: *logSearchDiskSpace,
-						},
-					},
-					StorageClassName: &logSearchStorageClass,
-				},
-			},
-		},
-	}
-
-	_, err = opClient.TenantUpdate(ctx, minTenant, metav1.UpdateOptions{})
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err)
-	}
-	return true, nil
-}
-
-// disableTenantLoggingResponse disables Tenant Logging
-func disableTenantLoggingResponse(session *models.Principal, params operator_api.DisableTenantLoggingParams) (bool, *models.Error) {
-	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
-	defer cancel()
-
-	opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-
-	opClient := &operatorClient{
-		client: opClientClientSet,
-	}
-
-	minTenant, err := getTenant(ctx, opClient, params.Namespace, params.Tenant)
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err, restapi.ErrUnableToGetTenantUsage)
-	}
-	minTenant.EnsureDefaults()
-	minTenant.Spec.Log = nil
-
-	_, err = opClient.TenantUpdate(ctx, minTenant, metav1.UpdateOptions{})
-	if err != nil {
-		return false, restapi.ErrorWithContext(ctx, err)
-	}
-	return true, nil
-}
-
 func getTenantPodsResponse(session *models.Principal, params operator_api.GetTenantPodsParams) ([]*models.TenantPod, *models.Error) {
 	ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
 	defer cancel()

operatorapi/tenants_helper.go

@@ -182,13 +182,13 @@ func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI,
 			}
 		}
 	}
-	if body.Server != nil {
+	if body.ServerTLS != nil {
 		kesExternalCertSecretName := fmt.Sprintf("%s-kes-external-cert", secretName)
 		if tenant.KESExternalCert() {
 			kesExternalCertSecretName = tenant.Spec.KES.ExternalCertSecret.Name
 		}
 		// update certificates
-		certificates := []*models.KeyPairConfiguration{body.Server}
+		certificates := []*models.KeyPairConfiguration{body.ServerTLS}
 		createdCertificates, err := createOrReplaceExternalCertSecrets(ctx, clientSet, namespace, certificates, kesExternalCertSecretName, tenantName)
 		if err != nil {
 			return err
@@ -197,13 +197,13 @@ func tenantUpdateEncryption(ctx context.Context, operatorClient OperatorClientI,
 			tenant.Spec.KES.ExternalCertSecret = createdCertificates[0]
 		}
 	}
-	if body.Client != nil {
+	if body.MinioMtls != nil {
 		tenantExternalClientCertSecretName := fmt.Sprintf("%s-tenant-external-client-cert", secretName)
 		if tenant.ExternalClientCert() {
 			tenantExternalClientCertSecretName = tenant.Spec.ExternalClientCertSecret.Name
 		}
 		// Update certificates
-		certificates := []*models.KeyPairConfiguration{body.Client}
+		certificates := []*models.KeyPairConfiguration{body.MinioMtls}
 		createdCertificates, err := createOrReplaceExternalCertSecrets(ctx, clientSet, namespace, certificates, tenantExternalClientCertSecretName, tenantName)
 		if err != nil {
 			return err
@@ -309,7 +309,7 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 				return nil, err
 			}
 			if len(kesExternalCerts) > 0 {
-				encryptConfig.Server = kesExternalCerts[0]
+				encryptConfig.ServerTLS = kesExternalCerts[0]
 			}
 		}
 		if tenant.ExternalClientCert() {
@@ -318,7 +318,7 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 				return nil, err
 			}
 			if len(clientCerts) > 0 {
-				encryptConfig.MtlsClient = clientCerts[0]
+				encryptConfig.MinioMtls = clientCerts[0]
 			}
 		}
 
@@ -329,6 +329,8 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 			}
 			if rawConfiguration, ok := configSecret.Data["server-config.yaml"]; ok {
 				kesConfiguration := &kes.ServerConfig{}
+				// return raw configuration in case the user wants to edit KES configuration manually
+				encryptConfig.Raw = string(rawConfiguration)
 				err := yaml.Unmarshal(rawConfiguration, kesConfiguration)
 				if err != nil {
 					return nil, err
@@ -355,7 +357,7 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 						}
 					}
 					if tenant.KESClientCert() {
-						vaultConfig.TLS = &models.VaultConfigurationResponseTLS{}
+						encryptConfig.KmsMtls = &models.EncryptionConfigurationResponseAO1KmsMtls{}
 						clientSecretName := tenant.Spec.KES.ClientCertSecret.Name
 						keyPair, err := clientSet.getSecret(ctx, namespace, clientSecretName, metav1.GetOptions{})
 						if err != nil {
@@ -363,14 +365,14 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 						}
 						// Extract client public certificate
 						if rawCert, ok := keyPair.Data["client.crt"]; ok {
-							vaultConfig.TLS.Crt, err = parseCertificate(clientSecretName, rawCert)
+							encryptConfig.KmsMtls.Crt, err = parseCertificate(clientSecretName, rawCert)
 							if err != nil {
 								return nil, err
 							}
 						}
 						// Extract client ca certificate
 						if rawCert, ok := keyPair.Data["ca.crt"]; ok {
-							vaultConfig.TLS.Ca, err = parseCertificate(clientSecretName, rawCert)
+							encryptConfig.KmsMtls.Ca, err = parseCertificate(clientSecretName, rawCert)
 							if err != nil {
 								return nil, err
 							}
@@ -418,7 +420,7 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 						}
 						if gemalto.KeySecure.TLS != nil {
 							if tenant.KESClientCert() {
-								gemaltoConfig.Keysecure.TLS = &models.GemaltoConfigurationResponseKeysecureTLS{}
+								encryptConfig.KmsMtls = &models.EncryptionConfigurationResponseAO1KmsMtls{}
 								clientSecretName := tenant.Spec.KES.ClientCertSecret.Name
 								keyPair, err := clientSet.getSecret(ctx, namespace, clientSecretName, metav1.GetOptions{})
 								if err != nil {
@@ -426,7 +428,7 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 								}
 								// Extract client ca certificate
 								if rawCert, ok := keyPair.Data["ca.crt"]; ok {
-									gemaltoConfig.Keysecure.TLS.Ca, err = parseCertificate(clientSecretName, rawCert)
+									encryptConfig.KmsMtls.Ca, err = parseCertificate(clientSecretName, rawCert)
 									if err != nil {
 										return nil, err
 									}
@@ -452,7 +454,7 @@ func tenantEncryptionInfo(ctx context.Context, operatorClient OperatorClientI, c
 		}
 		return encryptConfig, nil
 	}
-	return nil, errors.New("encryption configuration not found")
+	return nil, xerrors.ErrEncryptionConfigNotFound
 }
 
 // getTenantEncryptionResponse is a wrapper for tenantEncryptionInfo
@@ -476,7 +478,7 @@ func getTenantEncryptionInfoResponse(session *models.Principal, params operator_
 	}
 	configuration, err := tenantEncryptionInfo(ctx, &opClient, &k8sClient, params.Namespace, params)
 	if err != nil {
-		return nil, xerrors.ErrorWithContext(ctx, err, xerrors.ErrEncryptionConfigNotFound)
+		return nil, xerrors.ErrorWithContext(ctx, err)
 	}
 	return configuration, nil
 }
@@ -509,8 +511,8 @@ func getKESConfiguration(ctx context.Context, clientSet K8sClientI, ns string, e
 		}
 	}
 	// Generate server certificates for KES
-	if encryptionCfg.Server != nil {
-		certificates := []*models.KeyPairConfiguration{encryptionCfg.Server}
+	if encryptionCfg.ServerTLS != nil {
+		certificates := []*models.KeyPairConfiguration{encryptionCfg.ServerTLS}
 		certificateSecrets, err := createOrReplaceExternalCertSecrets(ctx, clientSet, ns, certificates, kesExternalCertSecretName, tenantName)
 		if err != nil {
 			return nil, err
@@ -627,23 +629,13 @@ func createOrReplaceExternalCertSecrets(ctx context.Context, clientSet K8sClient
 }
 
 func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sClientI, ns string, encryptionCfg *models.EncryptionConfiguration, kesConfigurationSecretName, kesClientCertSecretName, tenantName string) (*corev1.LocalObjectReference, *miniov2.LocalCertificateReference, error) {
-	// delete KES configuration secret if exists
-	if err := clientSet.deleteSecret(ctx, ns, kesConfigurationSecretName, metav1.DeleteOptions{}); err != nil {
-		// log the errors if any and continue
-		xerrors.LogError("deleting secret name %s failed: %v, continuing..", kesConfigurationSecretName, err)
-	}
-	// delete KES client cert secret if exists
-	if err := clientSet.deleteSecret(ctx, ns, kesClientCertSecretName, metav1.DeleteOptions{}); err != nil {
-		// log the errors if any and continue
-		xerrors.LogError("deleting secret name %s failed: %v, continuing..", kesClientCertSecretName, err)
-	}
 	// if autoCert is enabled then Operator will generate the client certificates, calculate the client cert identity
 	// and pass it to KES via the ${MINIO_KES_IDENTITY} variable
 	clientCrtIdentity := "${MINIO_KES_IDENTITY}"
 	// If a client certificate is provided proceed to calculate the identity
-	if encryptionCfg.Client != nil {
+	if encryptionCfg.MinioMtls != nil {
 		// Client certificate for KES used by Minio to mTLS
-		clientTLSCrt, err := base64.StdEncoding.DecodeString(*encryptionCfg.Client.Crt)
+		clientTLSCrt, err := base64.StdEncoding.DecodeString(*encryptionCfg.MinioMtls.Crt)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -725,8 +717,8 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
 			return nil, nil, errors.New("approle credentials missing for kes")
 		}
 		// Vault mTLS kesConfiguration
-		if encryptionCfg.Vault.TLS != nil {
-			vaultTLSConfig := encryptionCfg.Vault.TLS
+		if encryptionCfg.KmsMtls != nil {
+			vaultTLSConfig := encryptionCfg.KmsMtls
 			kesConfig.Keys.Vault.TLS = &kes.VaultTLS{}
 			if vaultTLSConfig.Crt != "" {
 				clientCrt, err := base64.StdEncoding.DecodeString(vaultTLSConfig.Crt)
@@ -781,9 +773,9 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
 		if encryptionCfg.Gemalto.Keysecure != nil {
 			kesConfig.Keys.Gemalto.KeySecure.Endpoint = *encryptionCfg.Gemalto.Keysecure.Endpoint
 			// Gemalto TLS kesConfiguration
-			if encryptionCfg.Gemalto.Keysecure.TLS != nil {
-				if encryptionCfg.Gemalto.Keysecure.TLS.Ca != nil {
-					caCrt, err := base64.StdEncoding.DecodeString(*encryptionCfg.Gemalto.Keysecure.TLS.Ca)
+			if encryptionCfg.KmsMtls != nil {
+				if encryptionCfg.KmsMtls.Ca != "" {
+					caCrt, err := base64.StdEncoding.DecodeString(encryptionCfg.KmsMtls.Ca)
 					if err != nil {
 						return nil, nil, err
 					}
@@ -841,6 +833,11 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
 	// if mTLSCertificates contains elements we create the kubernetes secret
 	var clientCertSecretReference *miniov2.LocalCertificateReference
 	if len(mTLSCertificates) > 0 {
+		// delete KES client cert secret only if new client certificates are provided
+		if err := clientSet.deleteSecret(ctx, ns, kesClientCertSecretName, metav1.DeleteOptions{}); err != nil {
+			// log the errors if any and continue
+			xerrors.LogError("deleting secret name %s failed: %v, continuing..", kesClientCertSecretName, err)
+		}
 		// Secret to store KES mTLS kesConfiguration to authenticate against a KMS
 		kesClientCertSecret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
@@ -861,11 +858,32 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
 			Name: kesClientCertSecretName,
 		}
 	}
-	// Generate Yaml kesConfiguration for KES
-	serverConfigYaml, err := yaml.Marshal(kesConfig)
-	if err != nil {
-		return nil, nil, err
+
+	var serverRawConfig []byte
+	var err error
+
+	if encryptionCfg.Raw != "" {
+		serverRawConfig = []byte(encryptionCfg.Raw)
+		// verify provided configuration is in valid YAML format
+		var configTest kes.ServerConfig
+		err = yaml.Unmarshal(serverRawConfig, &configTest)
+		if err != nil {
+			return nil, nil, err
+		}
+	} else {
+		// Generate Yaml kesConfiguration for KES
+		serverRawConfig, err = yaml.Marshal(kesConfig)
+		if err != nil {
+			return nil, nil, err
+		}
 	}
+
+	// delete KES configuration secret if exists
+	if err := clientSet.deleteSecret(ctx, ns, kesConfigurationSecretName, metav1.DeleteOptions{}); err != nil {
+		// log the errors if any and continue
+		xerrors.LogError("deleting secret name %s failed: %v, continuing..", kesConfigurationSecretName, err)
+	}
+
 	// Secret to store KES server kesConfiguration
 	kesConfigurationSecret := corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
@@ -876,7 +894,7 @@ func createOrReplaceKesConfigurationSecrets(ctx context.Context, clientSet K8sCl
 		},
 		Immutable: &imm,
 		Data: map[string][]byte{
-			"server-config.yaml": serverConfigYaml,
+			"server-config.yaml": serverRawConfig,
 		},
 	}
 	_, err = clientSet.createSecret(ctx, ns, &kesConfigurationSecret, metav1.CreateOptions{})

operatorapi/tenants_helper_test.go

@@ -289,7 +289,7 @@ func Test_createOrReplaceKesConfigurationSecrets(t *testing.T) {
 				ctx:       context.Background(),
 				clientSet: k8sClient,
 				encryptionCfg: &models.EncryptionConfiguration{
-					Client: &models.KeyPairConfiguration{
+					MinioMtls: &models.KeyPairConfiguration{
 						Crt: &badCrt,
 						Key: &badKey,
 					},
@@ -312,7 +312,7 @@ func Test_createOrReplaceKesConfigurationSecrets(t *testing.T) {
 				ctx:       context.Background(),
 				clientSet: k8sClient,
 				encryptionCfg: &models.EncryptionConfiguration{
-					Client: &models.KeyPairConfiguration{
+					MinioMtls: &models.KeyPairConfiguration{
 						Crt: &key, // will cause an error because we are passing a private key as the public key
 						Key: &key,
 					},
@@ -335,10 +335,15 @@ func Test_createOrReplaceKesConfigurationSecrets(t *testing.T) {
 				ctx:       context.Background(),
 				clientSet: k8sClient,
 				encryptionCfg: &models.EncryptionConfiguration{
-					Client: &models.KeyPairConfiguration{
+					MinioMtls: &models.KeyPairConfiguration{
 						Crt: &crt,
 						Key: &key,
 					},
+					KmsMtls: &models.EncryptionConfigurationAO1KmsMtls{
+						Ca:  crt,
+						Crt: crt,
+						Key: key,
+					},
 					Vault: &models.VaultConfiguration{
 						Approle: &models.VaultConfigurationApprole{
 							Engine: "",
@@ -351,11 +356,6 @@ func Test_createOrReplaceKesConfigurationSecrets(t *testing.T) {
 						Namespace: "",
 						Prefix:    "",
 						Status:    nil,
-						TLS: &models.VaultConfigurationTLS{
-							Ca:  crt,
-							Crt: crt,
-							Key: key,
-						},
 					},
 				},
 				ns:                         "default",

pkg/auth/idp.go

@@ -40,11 +40,12 @@ type IdentityProviderI interface {
 type IdentityProvider struct {
 	KeyFunc oauth2.StateKeyFunc
 	Client  *oauth2.Provider
+	RoleARN string
 }
 
 // VerifyIdentity will verify the user identity against the idp using the authorization code flow
 func (c IdentityProvider) VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error) {
-	return c.Client.VerifyIdentity(ctx, code, state, c.KeyFunc)
+	return c.Client.VerifyIdentity(ctx, code, state, c.RoleARN, c.KeyFunc)
 }
 
 // VerifyIdentityForOperator will verify the user identity against the idp using the authorization code flow
@@ -54,5 +55,5 @@ func (c IdentityProvider) VerifyIdentityForOperator(ctx context.Context, code, s
 
 // GenerateLoginURL returns a new URL used by the user to login against the idp
 func (c IdentityProvider) GenerateLoginURL() string {
-	return c.Client.GenerateLoginURL(c.KeyFunc)
+	return c.Client.GenerateLoginURL(c.KeyFunc, c.Client.IDPName)
 }

pkg/auth/idp/oauth2/config.go

@@ -37,6 +37,8 @@ type ProviderConfig struct {
 	Userinfo                 bool
 	RedirectCallbackDynamic  bool
 	RedirectCallback         string
+	EndSessionEndpoint       string
+	RoleArn                  string // can be empty
 }
 
 // GetStateKeyFunc - return the key function used to generate the authorization
@@ -47,9 +49,11 @@ func (pc ProviderConfig) GetStateKeyFunc() StateKeyFunc {
 	}
 }
 
-type OpenIDPCfg map[string]ProviderConfig
+func (pc ProviderConfig) GetARNInf() string {
+	return pc.RoleArn
+}
 
-var DefaultIDPConfig = "_"
+type OpenIDPCfg map[string]ProviderConfig
 
 func GetSTSEndpoint() string {
 	return strings.TrimSpace(env.Get(ConsoleMinIOServer, "http://localhost:9000"))

pkg/auth/idp/oauth2/const.go

@@ -29,4 +29,5 @@ const (
 	ConsoleIDPScopes             = "CONSOLE_IDP_SCOPES"
 	ConsoleIDPUserInfo           = "CONSOLE_IDP_USERINFO"
 	ConsoleIDPTokenExpiration    = "CONSOLE_IDP_TOKEN_EXPIRATION"
+	ConsoleIDPRoleARN            = "CONSOLE_IDP_ROLE_ARN"
 )

pkg/auth/idp/oauth2/provider.go

@@ -92,13 +92,13 @@ func (ac Config) TokenSource(ctx context.Context, t *xoauth2.Token) xoauth2.Toke
 type Provider struct {
 	// oauth2Config is an interface configuration that contains the following fields
 	// Config{
-	// 	 ClientID string
+	// 	 IDPName string
 	//	 ClientSecret string
 	//	 RedirectURL string
 	//	 Endpoint oauth2.Endpoint
 	//	 Scopes []string
 	// }
-	// - ClientID is the public identifier for this application
+	// - IDPName is the public identifier for this application
 	// - ClientSecret is a shared secret between this application and the authorization server
 	// - RedirectURL is the URL to redirect users going through
 	//   the OAuth flow, after the resource owner's URLs.
@@ -107,9 +107,10 @@ type Provider struct {
 	//   often available via site-specific packages, such as
 	//   google.Endpoint or github.Endpoint.
 	// - Scopes specifies optional requested permissions.
-	ClientID string
+	IDPName string
 	// if enabled means that we need extrace access_token as well
 	UserInfo       bool
+	RefreshToken   string
 	oauth2Config   Configuration
 	provHTTPClient *http.Client
 }
@@ -178,6 +179,7 @@ func NewOauth2ProviderClient(scopes []string, r *http.Request, httpClient *http.
 	}
 
 	redirectURL := GetIDPCallbackURL()
+
 	if GetIDPCallbackURLDynamic() {
 		// dynamic redirect if set, will generate redirect URLs
 		// dynamically based on incoming requests.
@@ -199,7 +201,7 @@ func NewOauth2ProviderClient(scopes []string, r *http.Request, httpClient *http.
 		Scopes: scopes,
 	}
 
-	client.ClientID = GetIDPClientID()
+	client.IDPName = GetIDPClientID()
 	client.UserInfo = GetIDPUserInfo()
 	client.provHTTPClient = httpClient
 
@@ -273,7 +275,7 @@ func (o OpenIDPCfg) NewOauth2ProviderClient(name string, scopes []string, r *htt
 		Scopes: scopes,
 	}
 
-	client.ClientID = o[name].ClientID
+	client.IDPName = name
 	client.UserInfo = o[name].Userinfo
 	client.provHTTPClient = httpClient
 	return client, nil
@@ -310,7 +312,7 @@ type StateKeyFunc func() []byte
 
 // VerifyIdentity will contact the configured IDP to the user identity based on the authorization code and state
 // if the user is valid, then it will contact MinIO to get valid sts credentials based on the identity provided by the IDP
-func (client *Provider) VerifyIdentity(ctx context.Context, code, state string, keyFunc StateKeyFunc) (*credentials.Credentials, error) {
+func (client *Provider) VerifyIdentity(ctx context.Context, code, state, roleARN string, keyFunc StateKeyFunc) (*credentials.Credentials, error) {
 	// verify the provided state is valid (prevents CSRF attacks)
 	if err := validateOauth2State(state, keyFunc); err != nil {
 		return nil, err
@@ -318,6 +320,7 @@ func (client *Provider) VerifyIdentity(ctx context.Context, code, state string,
 	getWebTokenExpiry := func() (*credentials.WebIdentityToken, error) {
 		customCtx := context.WithValue(ctx, oauth2.HTTPClient, client.provHTTPClient)
 		oauth2Token, err := client.oauth2Config.Exchange(customCtx, code)
+		client.RefreshToken = oauth2Token.RefreshToken
 		if err != nil {
 			return nil, err
 		}
@@ -352,10 +355,12 @@ func (client *Provider) VerifyIdentity(ctx context.Context, code, state string,
 		return token, nil
 	}
 	stsEndpoint := GetSTSEndpoint()
+
 	sts := credentials.New(&credentials.STSWebIdentity{
 		Client:              client.provHTTPClient,
 		STSEndpoint:         stsEndpoint,
 		GetWebIDTokenExpiry: getWebTokenExpiry,
+		RoleARN:             roleARN,
 	})
 	return sts, nil
 }
@@ -439,10 +444,34 @@ func GetRandomStateWithHMAC(length int, keyFunc StateKeyFunc) string {
 	return base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", state, hmac)))
 }
 
+type LoginURLParams struct {
+	State   string `json:"state"`
+	IDPName string `json:"idp_name"`
+}
+
 // GenerateLoginURL returns a new login URL based on the configured IDP
-func (client *Provider) GenerateLoginURL(keyFunc StateKeyFunc) string {
+func (client *Provider) GenerateLoginURL(keyFunc StateKeyFunc, iDPName string) string {
 	// generates random state and sign it using HMAC256
 	state := GetRandomStateWithHMAC(25, keyFunc)
-	loginURL := client.oauth2Config.AuthCodeURL(state)
+
+	configureID := "_"
+
+	if iDPName != "" {
+		configureID = iDPName
+	}
+
+	lgParams := LoginURLParams{
+		State:   state,
+		IDPName: configureID,
+	}
+
+	jsonEnc, err := json.Marshal(lgParams)
+	if err != nil {
+		return ""
+	}
+
+	stEncode := base64.StdEncoding.EncodeToString(jsonEnc)
+	loginURL := client.oauth2Config.AuthCodeURL(stEncode)
+
 	return strings.TrimSpace(loginURL)
 }

pkg/auth/idp/oauth2/provider_test.go

@@ -66,6 +66,6 @@ func TestGenerateLoginURL(t *testing.T) {
 		// a non-empty string
 		return state
 	}
-	url := oauth2Provider.GenerateLoginURL(DefaultDerivedKey)
+	url := oauth2Provider.GenerateLoginURL(DefaultDerivedKey, "testIDP")
 	funcAssert.NotEqual("", url)
 }

pkg/auth/token/config.go

@@ -23,19 +23,11 @@ import (
 	"github.com/minio/pkg/env"
 )
 
-// GetConsoleSTSDuration returns the default session duration for the STS requested tokens (defaults to 1h)
+// GetConsoleSTSDuration returns the default session duration for the STS requested tokens (defaults to 12h)
 func GetConsoleSTSDuration() time.Duration {
-	durationSeconds := env.Get(ConsoleSTSDurationSeconds, "")
-	if durationSeconds != "" {
-		duration, err := time.ParseDuration(durationSeconds + "s")
-		if err != nil {
-			duration = 1 * time.Hour
-		}
-		return duration
-	}
-	duration, err := time.ParseDuration(env.Get(ConsoleSTSDuration, "1h"))
+	duration, err := time.ParseDuration(env.Get(ConsoleSTSDuration, "12h"))
 	if err != nil {
-		duration = 1 * time.Hour
+		duration = 12 * time.Hour
 	}
 	return duration
 }

pkg/auth/token/const.go

@@ -17,8 +17,7 @@
 package token
 
 const (
-	ConsoleSTSDurationSeconds = "CONSOLE_STS_DURATION_SECONDS" // (deprecated), set value in seconds for sts session, ie: 3600
-	ConsoleSTSDuration        = "CONSOLE_STS_DURATION"         // time.Duration format, ie: 3600s, 2h45m, 1h, etc
-	ConsolePBKDFPassphrase    = "CONSOLE_PBKDF_PASSPHRASE"
-	ConsolePBKDFSalt          = "CONSOLE_PBKDF_SALT"
+	ConsoleSTSDuration     = "CONSOLE_STS_DURATION" // time.Duration format, ie: 3600s, 2h45m, 1h, etc
+	ConsolePBKDFPassphrase = "CONSOLE_PBKDF_PASSPHRASE"
+	ConsolePBKDFSalt       = "CONSOLE_PBKDF_SALT"
 )

pkg/logger/config/config.go

@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/minio/madmin-go"
+	"github.com/minio/madmin-go/v2"
 )
 
 // Default keys

pkg/subnet/subnet.go

@@ -22,14 +22,13 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"log"
 
 	"github.com/minio/console/pkg/http"
 
 	"github.com/minio/pkg/licverifier"
 
 	"github.com/minio/console/models"
-	"github.com/minio/madmin-go"
+	"github.com/minio/madmin-go/v2"
 	mc "github.com/minio/mc/cmd"
 	"github.com/tidwall/gjson"
 )
@@ -150,7 +149,6 @@ func ParseLicense(client http.ClientI, license string) (*licverifier.LicenseInfo
 
 	subnetPubKey, err := downloadSubnetPublicKey(client)
 	if err != nil {
-		log.Print(err)
 		// there was an issue getting the subnet public key
 		// use hardcoded public keys instead
 		publicKeys = OfflinePublicKeys

pkg/subnet/utils.go

@@ -27,7 +27,7 @@ import (
 
 	xhttp "github.com/minio/console/pkg/http"
 
-	"github.com/minio/madmin-go"
+	"github.com/minio/madmin-go/v2"
 	mc "github.com/minio/mc/cmd"
 	"github.com/minio/pkg/env"
 )

portal-ui/Makefile

@@ -13,3 +13,5 @@ test-prettier:
 
 prettify:
 	yarn prettier --write . --loglevel warn
+
+pretty: prettify

portal-ui/build/asset-manifest.json

@@ -1,131 +1,139 @@
 {
   "files": {
     "main.css": "./static/css/main.b20a708b.css",
-    "main.js": "./static/js/main.9dec64e0.js",
-    "static/js/1260.5248e62a.chunk.js": "./static/js/1260.5248e62a.chunk.js",
-    "static/js/6914.57144791.chunk.js": "./static/js/6914.57144791.chunk.js",
-    "static/js/4209.dd491df8.chunk.js": "./static/js/4209.dd491df8.chunk.js",
-    "static/js/1829.4d8548a9.chunk.js": "./static/js/1829.4d8548a9.chunk.js",
-    "static/js/4455.34da4012.chunk.js": "./static/js/4455.34da4012.chunk.js",
-    "static/js/5088.2338ab8d.chunk.js": "./static/js/5088.2338ab8d.chunk.js",
+    "main.js": "./static/js/main.2b781eaf.js",
+    "static/js/1260.ded6e17b.chunk.js": "./static/js/1260.ded6e17b.chunk.js",
+    "static/js/6914.1699f207.chunk.js": "./static/js/6914.1699f207.chunk.js",
+    "static/js/4209.227aa3b5.chunk.js": "./static/js/4209.227aa3b5.chunk.js",
+    "static/js/1829.be0f91b9.chunk.js": "./static/js/1829.be0f91b9.chunk.js",
+    "static/js/4455.237b7d46.chunk.js": "./static/js/4455.237b7d46.chunk.js",
+    "static/js/5088.db1a3894.chunk.js": "./static/js/5088.db1a3894.chunk.js",
     "static/js/5140.29fde8ff.chunk.js": "./static/js/5140.29fde8ff.chunk.js",
     "static/js/852.8313f23d.chunk.js": "./static/js/852.8313f23d.chunk.js",
-    "static/js/839.f4dd2641.chunk.js": "./static/js/839.f4dd2641.chunk.js",
+    "static/css/7588.9cb5f34b.chunk.css": "./static/css/7588.9cb5f34b.chunk.css",
+    "static/js/7588.120d7676.chunk.js": "./static/js/7588.120d7676.chunk.js",
     "static/js/3176.59846ccd.chunk.js": "./static/js/3176.59846ccd.chunk.js",
-    "static/js/6137.4944b3c1.chunk.js": "./static/js/6137.4944b3c1.chunk.js",
-    "static/js/7045.7464040f.chunk.js": "./static/js/7045.7464040f.chunk.js",
-    "static/js/9251.c314c7b9.chunk.js": "./static/js/9251.c314c7b9.chunk.js",
-    "static/js/2338.4512b89d.chunk.js": "./static/js/2338.4512b89d.chunk.js",
-    "static/js/4335.d0260e05.chunk.js": "./static/js/4335.d0260e05.chunk.js",
-    "static/js/6604.56df4486.chunk.js": "./static/js/6604.56df4486.chunk.js",
-    "static/js/6763.d4ff8d6b.chunk.js": "./static/js/6763.d4ff8d6b.chunk.js",
-    "static/js/3543.fad941bc.chunk.js": "./static/js/3543.fad941bc.chunk.js",
-    "static/js/4061.ef33bbaa.chunk.js": "./static/js/4061.ef33bbaa.chunk.js",
-    "static/js/5112.626a10bf.chunk.js": "./static/js/5112.626a10bf.chunk.js",
-    "static/js/9611.c217768e.chunk.js": "./static/js/9611.c217768e.chunk.js",
-    "static/js/2637.583760ab.chunk.js": "./static/js/2637.583760ab.chunk.js",
-    "static/css/5503.90c9cdc7.chunk.css": "./static/css/5503.90c9cdc7.chunk.css",
-    "static/js/5503.e6dfff1f.chunk.js": "./static/js/5503.e6dfff1f.chunk.js",
-    "static/js/5926.6813a97f.chunk.js": "./static/js/5926.6813a97f.chunk.js",
-    "static/js/701.6d0fe16f.chunk.js": "./static/js/701.6d0fe16f.chunk.js",
+    "static/js/6137.a74f25a3.chunk.js": "./static/js/6137.a74f25a3.chunk.js",
+    "static/js/7045.73a51a5c.chunk.js": "./static/js/7045.73a51a5c.chunk.js",
+    "static/js/7092.016f352b.chunk.js": "./static/js/7092.016f352b.chunk.js",
+    "static/js/2338.9785d021.chunk.js": "./static/js/2338.9785d021.chunk.js",
+    "static/js/4335.5864f94d.chunk.js": "./static/js/4335.5864f94d.chunk.js",
+    "static/js/6604.fbd73f8f.chunk.js": "./static/js/6604.fbd73f8f.chunk.js",
+    "static/js/6763.88842a51.chunk.js": "./static/js/6763.88842a51.chunk.js",
+    "static/js/3543.f1a85590.chunk.js": "./static/js/3543.f1a85590.chunk.js",
+    "static/js/4061.d4b9a89f.chunk.js": "./static/js/4061.d4b9a89f.chunk.js",
+    "static/js/5112.65587729.chunk.js": "./static/js/5112.65587729.chunk.js",
+    "static/js/9611.dc6938ca.chunk.js": "./static/js/9611.dc6938ca.chunk.js",
+    "static/js/2637.a78c67b6.chunk.js": "./static/js/2637.a78c67b6.chunk.js",
+    "static/css/5503.9cb5f34b.chunk.css": "./static/css/5503.9cb5f34b.chunk.css",
+    "static/js/5503.8102c269.chunk.js": "./static/js/5503.8102c269.chunk.js",
+    "static/js/5926.a85e7cf5.chunk.js": "./static/js/5926.a85e7cf5.chunk.js",
+    "static/js/701.34df1a0d.chunk.js": "./static/js/701.34df1a0d.chunk.js",
     "static/js/7821.461c5aa3.chunk.js": "./static/js/7821.461c5aa3.chunk.js",
-    "static/css/2850.90c9cdc7.chunk.css": "./static/css/2850.90c9cdc7.chunk.css",
-    "static/js/2850.8a62b572.chunk.js": "./static/js/2850.8a62b572.chunk.js",
-    "static/js/4131.739594e9.chunk.js": "./static/js/4131.739594e9.chunk.js",
-    "static/css/343.90c9cdc7.chunk.css": "./static/css/343.90c9cdc7.chunk.css",
-    "static/js/343.34f42ca3.chunk.js": "./static/js/343.34f42ca3.chunk.js",
-    "static/css/1199.90c9cdc7.chunk.css": "./static/css/1199.90c9cdc7.chunk.css",
-    "static/js/1199.503e1d6b.chunk.js": "./static/js/1199.503e1d6b.chunk.js",
-    "static/css/5517.90c9cdc7.chunk.css": "./static/css/5517.90c9cdc7.chunk.css",
-    "static/js/5517.cf7204c7.chunk.js": "./static/js/5517.cf7204c7.chunk.js",
-    "static/js/2555.0dbc9c69.chunk.js": "./static/js/2555.0dbc9c69.chunk.js",
-    "static/js/7585.3ba2ecd7.chunk.js": "./static/js/7585.3ba2ecd7.chunk.js",
-    "static/js/4902.395ae657.chunk.js": "./static/js/4902.395ae657.chunk.js",
-    "static/js/7847.4176f3e5.chunk.js": "./static/js/7847.4176f3e5.chunk.js",
-    "static/js/3097.c51c1e97.chunk.js": "./static/js/3097.c51c1e97.chunk.js",
-    "static/js/692.acf902c5.chunk.js": "./static/js/692.acf902c5.chunk.js",
-    "static/js/8626.617017df.chunk.js": "./static/js/8626.617017df.chunk.js",
-    "static/js/736.ae41c7ee.chunk.js": "./static/js/736.ae41c7ee.chunk.js",
-    "static/js/6577.c8329c4f.chunk.js": "./static/js/6577.c8329c4f.chunk.js",
-    "static/js/9561.3f9d7984.chunk.js": "./static/js/9561.3f9d7984.chunk.js",
-    "static/js/6401.5c896f2e.chunk.js": "./static/js/6401.5c896f2e.chunk.js",
-    "static/js/2949.c6b7f4b7.chunk.js": "./static/js/2949.c6b7f4b7.chunk.js",
+    "static/css/2850.9cb5f34b.chunk.css": "./static/css/2850.9cb5f34b.chunk.css",
+    "static/js/2850.c2c3a292.chunk.js": "./static/js/2850.c2c3a292.chunk.js",
+    "static/js/4131.34341b0f.chunk.js": "./static/js/4131.34341b0f.chunk.js",
+    "static/css/343.9cb5f34b.chunk.css": "./static/css/343.9cb5f34b.chunk.css",
+    "static/js/343.a3ee0915.chunk.js": "./static/js/343.a3ee0915.chunk.js",
+    "static/css/1199.9cb5f34b.chunk.css": "./static/css/1199.9cb5f34b.chunk.css",
+    "static/js/1199.cd08cdfd.chunk.js": "./static/js/1199.cd08cdfd.chunk.js",
+    "static/css/5517.9cb5f34b.chunk.css": "./static/css/5517.9cb5f34b.chunk.css",
+    "static/js/5517.730e0aeb.chunk.js": "./static/js/5517.730e0aeb.chunk.js",
+    "static/js/2555.47860755.chunk.js": "./static/js/2555.47860755.chunk.js",
+    "static/js/7486.83e0d248.chunk.js": "./static/js/7486.83e0d248.chunk.js",
+    "static/js/1377.6fbc40f3.chunk.js": "./static/js/1377.6fbc40f3.chunk.js",
+    "static/js/4672.7e50d90b.chunk.js": "./static/js/4672.7e50d90b.chunk.js",
+    "static/js/2516.5d118ef6.chunk.js": "./static/js/2516.5d118ef6.chunk.js",
+    "static/js/2759.3ab5d8ec.chunk.js": "./static/js/2759.3ab5d8ec.chunk.js",
+    "static/js/7295.c85034bf.chunk.js": "./static/js/7295.c85034bf.chunk.js",
+    "static/js/7585.cd3ad44f.chunk.js": "./static/js/7585.cd3ad44f.chunk.js",
+    "static/js/4902.b5c5ff07.chunk.js": "./static/js/4902.b5c5ff07.chunk.js",
+    "static/js/7847.659fc617.chunk.js": "./static/js/7847.659fc617.chunk.js",
+    "static/js/3097.86eccc21.chunk.js": "./static/js/3097.86eccc21.chunk.js",
+    "static/js/692.bf3eea50.chunk.js": "./static/js/692.bf3eea50.chunk.js",
+    "static/js/8626.b7bc68f1.chunk.js": "./static/js/8626.b7bc68f1.chunk.js",
+    "static/js/8360.cddfeef1.chunk.js": "./static/js/8360.cddfeef1.chunk.js",
+    "static/js/6577.caaa5471.chunk.js": "./static/js/6577.caaa5471.chunk.js",
+    "static/js/3875.7dc3910c.chunk.js": "./static/js/3875.7dc3910c.chunk.js",
+    "static/js/6401.82b00a73.chunk.js": "./static/js/6401.82b00a73.chunk.js",
+    "static/js/2949.c17a4a94.chunk.js": "./static/js/2949.c17a4a94.chunk.js",
     "static/js/3119.828f52b0.chunk.js": "./static/js/3119.828f52b0.chunk.js",
-    "static/js/5643.a58157c7.chunk.js": "./static/js/5643.a58157c7.chunk.js",
+    "static/js/5643.5f80a628.chunk.js": "./static/js/5643.5f80a628.chunk.js",
     "static/js/4781.f4794912.chunk.js": "./static/js/4781.f4794912.chunk.js",
     "static/js/9478.a335fb0f.chunk.js": "./static/js/9478.a335fb0f.chunk.js",
     "static/js/7164.3762a0c0.chunk.js": "./static/js/7164.3762a0c0.chunk.js",
-    "static/js/4414.c804fea8.chunk.js": "./static/js/4414.c804fea8.chunk.js",
-    "static/js/7798.5da0ca4b.chunk.js": "./static/js/7798.5da0ca4b.chunk.js",
-    "static/js/8833.9f18e03b.chunk.js": "./static/js/8833.9f18e03b.chunk.js",
-    "static/js/6526.904dad0c.chunk.js": "./static/js/6526.904dad0c.chunk.js",
-    "static/js/483.b40960b4.chunk.js": "./static/js/483.b40960b4.chunk.js",
-    "static/js/9467.361c4c5c.chunk.js": "./static/js/9467.361c4c5c.chunk.js",
-    "static/js/6895.c8233c8b.chunk.js": "./static/js/6895.c8233c8b.chunk.js",
-    "static/js/1379.35c4721c.chunk.js": "./static/js/1379.35c4721c.chunk.js",
-    "static/js/8277.ffa83ea5.chunk.js": "./static/js/8277.ffa83ea5.chunk.js",
-    "static/js/4133.9a0577c4.chunk.js": "./static/js/4133.9a0577c4.chunk.js",
-    "static/css/1367.90c9cdc7.chunk.css": "./static/css/1367.90c9cdc7.chunk.css",
-    "static/js/1367.0465294b.chunk.js": "./static/js/1367.0465294b.chunk.js",
-    "static/js/3956.5a9ef42b.chunk.js": "./static/js/3956.5a9ef42b.chunk.js",
-    "static/js/9221.06d80718.chunk.js": "./static/js/9221.06d80718.chunk.js",
-    "static/js/8896.042361de.chunk.js": "./static/js/8896.042361de.chunk.js",
-    "static/js/9134.f135131b.chunk.js": "./static/js/9134.f135131b.chunk.js",
-    "static/css/1268.90c9cdc7.chunk.css": "./static/css/1268.90c9cdc7.chunk.css",
-    "static/js/1268.ed4d5bd8.chunk.js": "./static/js/1268.ed4d5bd8.chunk.js",
-    "static/js/441.ef3a5a69.chunk.js": "./static/js/441.ef3a5a69.chunk.js",
-    "static/js/9145.0a0554bf.chunk.js": "./static/js/9145.0a0554bf.chunk.js",
-    "static/js/8998.6a160b0b.chunk.js": "./static/js/8998.6a160b0b.chunk.js",
-    "static/js/1501.5f62a612.chunk.js": "./static/js/1501.5f62a612.chunk.js",
-    "static/js/7770.0cb798cf.chunk.js": "./static/js/7770.0cb798cf.chunk.js",
+    "static/js/4414.7abfed46.chunk.js": "./static/js/4414.7abfed46.chunk.js",
+    "static/js/7798.8ed31952.chunk.js": "./static/js/7798.8ed31952.chunk.js",
+    "static/js/8833.9dccd2d5.chunk.js": "./static/js/8833.9dccd2d5.chunk.js",
+    "static/js/6526.e3612299.chunk.js": "./static/js/6526.e3612299.chunk.js",
+    "static/js/483.5b997456.chunk.js": "./static/js/483.5b997456.chunk.js",
+    "static/js/9467.8e1b707f.chunk.js": "./static/js/9467.8e1b707f.chunk.js",
+    "static/js/6895.488a4025.chunk.js": "./static/js/6895.488a4025.chunk.js",
+    "static/js/5882.41668ace.chunk.js": "./static/js/5882.41668ace.chunk.js",
+    "static/js/8277.e772e8bd.chunk.js": "./static/js/8277.e772e8bd.chunk.js",
+    "static/js/4133.2386eedc.chunk.js": "./static/js/4133.2386eedc.chunk.js",
+    "static/css/1367.9cb5f34b.chunk.css": "./static/css/1367.9cb5f34b.chunk.css",
+    "static/js/1367.eb3c7186.chunk.js": "./static/js/1367.eb3c7186.chunk.js",
+    "static/js/3956.81b98a64.chunk.js": "./static/js/3956.81b98a64.chunk.js",
+    "static/js/9221.38a31de2.chunk.js": "./static/js/9221.38a31de2.chunk.js",
+    "static/js/8896.2afd6d87.chunk.js": "./static/js/8896.2afd6d87.chunk.js",
+    "static/js/9134.76b1bd01.chunk.js": "./static/js/9134.76b1bd01.chunk.js",
+    "static/css/1268.9cb5f34b.chunk.css": "./static/css/1268.9cb5f34b.chunk.css",
+    "static/js/1268.31853f4b.chunk.js": "./static/js/1268.31853f4b.chunk.js",
+    "static/js/441.d647ea80.chunk.js": "./static/js/441.d647ea80.chunk.js",
+    "static/js/9145.85a731d5.chunk.js": "./static/js/9145.85a731d5.chunk.js",
+    "static/js/8998.5bea3a2b.chunk.js": "./static/js/8998.5bea3a2b.chunk.js",
+    "static/js/1501.e6260482.chunk.js": "./static/js/1501.e6260482.chunk.js",
+    "static/js/7770.771cea33.chunk.js": "./static/js/7770.771cea33.chunk.js",
     "static/js/426.82aff597.chunk.js": "./static/js/426.82aff597.chunk.js",
     "static/js/4298.39009639.chunk.js": "./static/js/4298.39009639.chunk.js",
     "static/js/2878.8dd5ace8.chunk.js": "./static/js/2878.8dd5ace8.chunk.js",
     "static/js/8495.b1689c2d.chunk.js": "./static/js/8495.b1689c2d.chunk.js",
     "static/js/4934.72071d47.chunk.js": "./static/js/4934.72071d47.chunk.js",
     "static/js/9942.78febb7d.chunk.js": "./static/js/9942.78febb7d.chunk.js",
-    "static/js/7021.9ea87695.chunk.js": "./static/js/7021.9ea87695.chunk.js",
-    "static/js/2684.cb179f6c.chunk.js": "./static/js/2684.cb179f6c.chunk.js",
-    "static/js/6683.ae70aa3c.chunk.js": "./static/js/6683.ae70aa3c.chunk.js",
-    "static/js/8350.d0f71354.chunk.js": "./static/js/8350.d0f71354.chunk.js",
+    "static/js/7021.62c812c9.chunk.js": "./static/js/7021.62c812c9.chunk.js",
+    "static/js/2684.dde9af57.chunk.js": "./static/js/2684.dde9af57.chunk.js",
+    "static/css/9567.9cb5f34b.chunk.css": "./static/css/9567.9cb5f34b.chunk.css",
+    "static/js/9567.93e1e8a0.chunk.js": "./static/js/9567.93e1e8a0.chunk.js",
+    "static/js/8350.ff17d087.chunk.js": "./static/js/8350.ff17d087.chunk.js",
     "static/js/4873.9349e8b2.chunk.js": "./static/js/4873.9349e8b2.chunk.js",
-    "static/js/5367.81c2d437.chunk.js": "./static/js/5367.81c2d437.chunk.js",
-    "static/js/6405.61f72110.chunk.js": "./static/js/6405.61f72110.chunk.js",
-    "static/js/5223.98f026b3.chunk.js": "./static/js/5223.98f026b3.chunk.js",
-    "static/js/1799.90db5583.chunk.js": "./static/js/1799.90db5583.chunk.js",
-    "static/js/9297.fb2e535e.chunk.js": "./static/js/9297.fb2e535e.chunk.js",
-    "static/js/9968.481540ab.chunk.js": "./static/js/9968.481540ab.chunk.js",
-    "static/js/2180.14bc77fc.chunk.js": "./static/js/2180.14bc77fc.chunk.js",
+    "static/js/5367.6280cd0d.chunk.js": "./static/js/5367.6280cd0d.chunk.js",
+    "static/js/6405.379b5b82.chunk.js": "./static/js/6405.379b5b82.chunk.js",
+    "static/js/5223.a4346b6b.chunk.js": "./static/js/5223.a4346b6b.chunk.js",
+    "static/js/1799.d2996f85.chunk.js": "./static/js/1799.d2996f85.chunk.js",
+    "static/js/9297.466f48d4.chunk.js": "./static/js/9297.466f48d4.chunk.js",
+    "static/js/9968.8cde9579.chunk.js": "./static/js/9968.8cde9579.chunk.js",
+    "static/js/2180.ecd3ab8b.chunk.js": "./static/js/2180.ecd3ab8b.chunk.js",
     "static/js/8253.fa95cf82.chunk.js": "./static/js/8253.fa95cf82.chunk.js",
-    "static/js/3328.f02a2e4c.chunk.js": "./static/js/3328.f02a2e4c.chunk.js",
-    "static/js/1440.2f369689.chunk.js": "./static/js/1440.2f369689.chunk.js",
-    "static/js/9179.f855888c.chunk.js": "./static/js/9179.f855888c.chunk.js",
-    "static/js/51.c461d317.chunk.js": "./static/js/51.c461d317.chunk.js",
-    "static/js/711.61c682cd.chunk.js": "./static/js/711.61c682cd.chunk.js",
-    "static/js/6901.1be7690b.chunk.js": "./static/js/6901.1be7690b.chunk.js",
-    "static/js/2185.0b324ec6.chunk.js": "./static/js/2185.0b324ec6.chunk.js",
-    "static/js/312.aefc992a.chunk.js": "./static/js/312.aefc992a.chunk.js",
-    "static/js/2112.93e2056f.chunk.js": "./static/js/2112.93e2056f.chunk.js",
-    "static/js/4619.82c18241.chunk.js": "./static/js/4619.82c18241.chunk.js",
-    "static/js/8990.d62803ce.chunk.js": "./static/js/8990.d62803ce.chunk.js",
-    "static/js/8455.ac01170a.chunk.js": "./static/js/8455.ac01170a.chunk.js",
-    "static/css/1913.90c9cdc7.chunk.css": "./static/css/1913.90c9cdc7.chunk.css",
-    "static/js/1913.62bd1877.chunk.js": "./static/js/1913.62bd1877.chunk.js",
-    "static/js/1604.d6abf9f0.chunk.js": "./static/js/1604.d6abf9f0.chunk.js",
-    "static/js/8391.93be3c76.chunk.js": "./static/js/8391.93be3c76.chunk.js",
-    "static/js/402.bce64a61.chunk.js": "./static/js/402.bce64a61.chunk.js",
+    "static/js/3328.72ba5ec0.chunk.js": "./static/js/3328.72ba5ec0.chunk.js",
+    "static/js/1440.d3fd88ff.chunk.js": "./static/js/1440.d3fd88ff.chunk.js",
+    "static/js/9179.73844de6.chunk.js": "./static/js/9179.73844de6.chunk.js",
+    "static/js/51.f63429fd.chunk.js": "./static/js/51.f63429fd.chunk.js",
+    "static/js/711.7013b9d7.chunk.js": "./static/js/711.7013b9d7.chunk.js",
+    "static/js/6901.cda3f1f9.chunk.js": "./static/js/6901.cda3f1f9.chunk.js",
+    "static/js/2185.4baca582.chunk.js": "./static/js/2185.4baca582.chunk.js",
+    "static/js/312.770148c8.chunk.js": "./static/js/312.770148c8.chunk.js",
+    "static/js/2112.c85537ec.chunk.js": "./static/js/2112.c85537ec.chunk.js",
+    "static/js/4619.bbf03503.chunk.js": "./static/js/4619.bbf03503.chunk.js",
+    "static/js/8990.4f806e82.chunk.js": "./static/js/8990.4f806e82.chunk.js",
+    "static/js/8455.8cf8a65d.chunk.js": "./static/js/8455.8cf8a65d.chunk.js",
+    "static/css/1913.9cb5f34b.chunk.css": "./static/css/1913.9cb5f34b.chunk.css",
+    "static/js/1913.2b54b9d3.chunk.js": "./static/js/1913.2b54b9d3.chunk.js",
+    "static/js/1604.fa7e2b2f.chunk.js": "./static/js/1604.fa7e2b2f.chunk.js",
+    "static/js/8391.ba8f9cd2.chunk.js": "./static/js/8391.ba8f9cd2.chunk.js",
+    "static/js/402.46c69861.chunk.js": "./static/js/402.46c69861.chunk.js",
     "static/js/1705.596850eb.chunk.js": "./static/js/1705.596850eb.chunk.js",
-    "static/js/1581.5d8bdb2a.chunk.js": "./static/js/1581.5d8bdb2a.chunk.js",
-    "static/js/455.64f2adc7.chunk.js": "./static/js/455.64f2adc7.chunk.js",
-    "static/js/2661.358ee4e3.chunk.js": "./static/js/2661.358ee4e3.chunk.js",
-    "static/js/889.eb646ebf.chunk.js": "./static/js/889.eb646ebf.chunk.js",
-    "static/js/9088.c0ec4658.chunk.js": "./static/js/9088.c0ec4658.chunk.js",
-    "static/js/247.6ff1fc3d.chunk.js": "./static/js/247.6ff1fc3d.chunk.js",
-    "static/js/2408.d23e2b83.chunk.js": "./static/js/2408.d23e2b83.chunk.js",
+    "static/js/1581.44c0448f.chunk.js": "./static/js/1581.44c0448f.chunk.js",
+    "static/js/455.4b142906.chunk.js": "./static/js/455.4b142906.chunk.js",
+    "static/js/2661.9bd125a1.chunk.js": "./static/js/2661.9bd125a1.chunk.js",
+    "static/js/889.bba47c51.chunk.js": "./static/js/889.bba47c51.chunk.js",
+    "static/js/9088.17f4cb12.chunk.js": "./static/js/9088.17f4cb12.chunk.js",
+    "static/js/247.908c948c.chunk.js": "./static/js/247.908c948c.chunk.js",
+    "static/js/2408.4f7b17cd.chunk.js": "./static/js/2408.4f7b17cd.chunk.js",
     "static/js/5171.e5224ef3.chunk.js": "./static/js/5171.e5224ef3.chunk.js",
     "static/js/3691.ff436a8f.chunk.js": "./static/js/3691.ff436a8f.chunk.js",
-    "static/js/2426.ab27f6f9.chunk.js": "./static/js/2426.ab27f6f9.chunk.js",
     "static/js/2813.cfbfa60f.chunk.js": "./static/js/2813.cfbfa60f.chunk.js",
+    "static/js/2426.ab27f6f9.chunk.js": "./static/js/2426.ab27f6f9.chunk.js",
     "static/js/3801.e9dc3054.chunk.js": "./static/js/3801.e9dc3054.chunk.js",
     "static/js/1918.9385ad56.chunk.js": "./static/js/1918.9385ad56.chunk.js",
     "static/js/1373.c65e2a03.chunk.js": "./static/js/1373.c65e2a03.chunk.js",
@@ -133,150 +141,179 @@
     "static/js/2011.af2dbefb.chunk.js": "./static/js/2011.af2dbefb.chunk.js",
     "static/js/2515.322cc076.chunk.js": "./static/js/2515.322cc076.chunk.js",
     "static/js/1459.03befbb8.chunk.js": "./static/js/1459.03befbb8.chunk.js",
+    "static/js/1465.4525f636.chunk.js": "./static/js/1465.4525f636.chunk.js",
     "static/js/1267.ee70805c.chunk.js": "./static/js/1267.ee70805c.chunk.js",
     "static/js/6172.12ed66ed.chunk.js": "./static/js/6172.12ed66ed.chunk.js",
-    "static/js/4827.a3ee5d0a.chunk.js": "./static/js/4827.a3ee5d0a.chunk.js",
     "static/js/696.c93c6454.chunk.js": "./static/js/696.c93c6454.chunk.js",
     "static/js/3388.6f330810.chunk.js": "./static/js/3388.6f330810.chunk.js",
     "static/js/71.323f55a6.chunk.js": "./static/js/71.323f55a6.chunk.js",
-    "static/js/4709.8bd47e6f.chunk.js": "./static/js/4709.8bd47e6f.chunk.js",
-    "static/js/3870.a1265f93.chunk.js": "./static/js/3870.a1265f93.chunk.js",
+    "static/js/3720.38c690e7.chunk.js": "./static/js/3720.38c690e7.chunk.js",
+    "static/js/1903.42b70cf0.chunk.js": "./static/js/1903.42b70cf0.chunk.js",
     "static/js/6484.de588cc0.chunk.js": "./static/js/6484.de588cc0.chunk.js",
     "static/js/7142.93647281.chunk.js": "./static/js/7142.93647281.chunk.js",
     "static/js/2691.19d72c3c.chunk.js": "./static/js/2691.19d72c3c.chunk.js",
     "static/js/1790.eb475334.chunk.js": "./static/js/1790.eb475334.chunk.js",
-    "static/js/7472.85d323e5.chunk.js": "./static/js/7472.85d323e5.chunk.js",
+    "static/js/2331.288af2ec.chunk.js": "./static/js/2331.288af2ec.chunk.js",
     "static/js/9515.a4e964be.chunk.js": "./static/js/9515.a4e964be.chunk.js",
-    "static/js/2983.15e04479.chunk.js": "./static/js/2983.15e04479.chunk.js",
-    "static/js/48.115b7eb1.chunk.js": "./static/js/48.115b7eb1.chunk.js",
-    "static/js/2763.d85f5750.chunk.js": "./static/js/2763.d85f5750.chunk.js",
+    "static/js/2983.e248775f.chunk.js": "./static/js/2983.e248775f.chunk.js",
+    "static/js/5861.65847210.chunk.js": "./static/js/5861.65847210.chunk.js",
+    "static/js/537.85347210.chunk.js": "./static/js/537.85347210.chunk.js",
+    "static/js/2763.08c6e1fd.chunk.js": "./static/js/2763.08c6e1fd.chunk.js",
+    "static/media/videoBG.mp4": "./static/media/videoBG.17363418b3c2246a0e27.mp4",
+    "static/media/loginAnimationPoster.png": "./static/media/loginAnimationPoster.9aa924bfe619e71d5d29.png",
+    "static/media/Inter-BoldItalic.woff": "./static/media/Inter-BoldItalic.b376885042f6c961a541.woff",
+    "static/media/Inter-LightItalic.woff": "./static/media/Inter-LightItalic.ef9f65d91d2b0ba9b2e4.woff",
+    "static/media/Inter-BlackItalic.woff": "./static/media/Inter-BlackItalic.ca1e738e4f349f27514d.woff",
+    "static/media/Inter-Italic.woff": "./static/media/Inter-Italic.890025e726861dba417f.woff",
+    "static/media/Inter-Bold.woff": "./static/media/Inter-Bold.93c1301bd9f486c573b3.woff",
+    "static/media/Inter-Light.woff": "./static/media/Inter-Light.994e34451cc19ede31d3.woff",
+    "static/media/Inter-Black.woff": "./static/media/Inter-Black.c6938660eec019fefd68.woff",
+    "static/media/Inter-Thin.woff": "./static/media/Inter-Thin.29b9c616a95a912abf73.woff",
+    "static/media/Inter-Regular.woff": "./static/media/Inter-Regular.8c206db99195777c6769.woff",
+    "static/media/Inter-BoldItalic.woff2": "./static/media/Inter-BoldItalic.2d26c56a606662486796.woff2",
+    "static/media/Inter-LightItalic.woff2": "./static/media/Inter-LightItalic.f86952265d7b0f02c921.woff2",
+    "static/media/Inter-BlackItalic.woff2": "./static/media/Inter-BlackItalic.cb2a7335650c690077fe.woff2",
+    "static/media/Inter-Italic.woff2": "./static/media/Inter-Italic.cb10ffd7684cd9836a05.woff2",
+    "static/media/Inter-Bold.woff2": "./static/media/Inter-Bold.ec64ea577b0349e055ad.woff2",
+    "static/media/Inter-Light.woff2": "./static/media/Inter-Light.2d5198822ab091ce4305.woff2",
+    "static/media/Inter-Black.woff2": "./static/media/Inter-Black.15ca31c0a2a68f76d2d1.woff2",
+    "static/media/Inter-Thin.woff2": "./static/media/Inter-Thin.fff2a096db014f6239d4.woff2",
+    "static/media/Inter-Regular.woff2": "./static/media/Inter-Regular.c8ba52b05a9ef10f4758.woff2",
     "index.html": "./index.html",
     "main.b20a708b.css.map": "./static/css/main.b20a708b.css.map",
-    "main.9dec64e0.js.map": "./static/js/main.9dec64e0.js.map",
-    "1260.5248e62a.chunk.js.map": "./static/js/1260.5248e62a.chunk.js.map",
-    "6914.57144791.chunk.js.map": "./static/js/6914.57144791.chunk.js.map",
-    "4209.dd491df8.chunk.js.map": "./static/js/4209.dd491df8.chunk.js.map",
-    "1829.4d8548a9.chunk.js.map": "./static/js/1829.4d8548a9.chunk.js.map",
-    "4455.34da4012.chunk.js.map": "./static/js/4455.34da4012.chunk.js.map",
-    "5088.2338ab8d.chunk.js.map": "./static/js/5088.2338ab8d.chunk.js.map",
+    "main.2b781eaf.js.map": "./static/js/main.2b781eaf.js.map",
+    "1260.ded6e17b.chunk.js.map": "./static/js/1260.ded6e17b.chunk.js.map",
+    "6914.1699f207.chunk.js.map": "./static/js/6914.1699f207.chunk.js.map",
+    "4209.227aa3b5.chunk.js.map": "./static/js/4209.227aa3b5.chunk.js.map",
+    "1829.be0f91b9.chunk.js.map": "./static/js/1829.be0f91b9.chunk.js.map",
+    "4455.237b7d46.chunk.js.map": "./static/js/4455.237b7d46.chunk.js.map",
+    "5088.db1a3894.chunk.js.map": "./static/js/5088.db1a3894.chunk.js.map",
     "5140.29fde8ff.chunk.js.map": "./static/js/5140.29fde8ff.chunk.js.map",
     "852.8313f23d.chunk.js.map": "./static/js/852.8313f23d.chunk.js.map",
-    "839.f4dd2641.chunk.js.map": "./static/js/839.f4dd2641.chunk.js.map",
+    "7588.9cb5f34b.chunk.css.map": "./static/css/7588.9cb5f34b.chunk.css.map",
+    "7588.120d7676.chunk.js.map": "./static/js/7588.120d7676.chunk.js.map",
     "3176.59846ccd.chunk.js.map": "./static/js/3176.59846ccd.chunk.js.map",
-    "6137.4944b3c1.chunk.js.map": "./static/js/6137.4944b3c1.chunk.js.map",
-    "7045.7464040f.chunk.js.map": "./static/js/7045.7464040f.chunk.js.map",
-    "9251.c314c7b9.chunk.js.map": "./static/js/9251.c314c7b9.chunk.js.map",
-    "2338.4512b89d.chunk.js.map": "./static/js/2338.4512b89d.chunk.js.map",
-    "4335.d0260e05.chunk.js.map": "./static/js/4335.d0260e05.chunk.js.map",
-    "6604.56df4486.chunk.js.map": "./static/js/6604.56df4486.chunk.js.map",
-    "6763.d4ff8d6b.chunk.js.map": "./static/js/6763.d4ff8d6b.chunk.js.map",
-    "3543.fad941bc.chunk.js.map": "./static/js/3543.fad941bc.chunk.js.map",
-    "4061.ef33bbaa.chunk.js.map": "./static/js/4061.ef33bbaa.chunk.js.map",
-    "5112.626a10bf.chunk.js.map": "./static/js/5112.626a10bf.chunk.js.map",
-    "9611.c217768e.chunk.js.map": "./static/js/9611.c217768e.chunk.js.map",
-    "2637.583760ab.chunk.js.map": "./static/js/2637.583760ab.chunk.js.map",
-    "5503.90c9cdc7.chunk.css.map": "./static/css/5503.90c9cdc7.chunk.css.map",
-    "5503.e6dfff1f.chunk.js.map": "./static/js/5503.e6dfff1f.chunk.js.map",
-    "5926.6813a97f.chunk.js.map": "./static/js/5926.6813a97f.chunk.js.map",
-    "701.6d0fe16f.chunk.js.map": "./static/js/701.6d0fe16f.chunk.js.map",
+    "6137.a74f25a3.chunk.js.map": "./static/js/6137.a74f25a3.chunk.js.map",
+    "7045.73a51a5c.chunk.js.map": "./static/js/7045.73a51a5c.chunk.js.map",
+    "7092.016f352b.chunk.js.map": "./static/js/7092.016f352b.chunk.js.map",
+    "2338.9785d021.chunk.js.map": "./static/js/2338.9785d021.chunk.js.map",
+    "4335.5864f94d.chunk.js.map": "./static/js/4335.5864f94d.chunk.js.map",
+    "6604.fbd73f8f.chunk.js.map": "./static/js/6604.fbd73f8f.chunk.js.map",
+    "6763.88842a51.chunk.js.map": "./static/js/6763.88842a51.chunk.js.map",
+    "3543.f1a85590.chunk.js.map": "./static/js/3543.f1a85590.chunk.js.map",
+    "4061.d4b9a89f.chunk.js.map": "./static/js/4061.d4b9a89f.chunk.js.map",
+    "5112.65587729.chunk.js.map": "./static/js/5112.65587729.chunk.js.map",
+    "9611.dc6938ca.chunk.js.map": "./static/js/9611.dc6938ca.chunk.js.map",
+    "2637.a78c67b6.chunk.js.map": "./static/js/2637.a78c67b6.chunk.js.map",
+    "5503.9cb5f34b.chunk.css.map": "./static/css/5503.9cb5f34b.chunk.css.map",
+    "5503.8102c269.chunk.js.map": "./static/js/5503.8102c269.chunk.js.map",
+    "5926.a85e7cf5.chunk.js.map": "./static/js/5926.a85e7cf5.chunk.js.map",
+    "701.34df1a0d.chunk.js.map": "./static/js/701.34df1a0d.chunk.js.map",
     "7821.461c5aa3.chunk.js.map": "./static/js/7821.461c5aa3.chunk.js.map",
-    "2850.90c9cdc7.chunk.css.map": "./static/css/2850.90c9cdc7.chunk.css.map",
-    "2850.8a62b572.chunk.js.map": "./static/js/2850.8a62b572.chunk.js.map",
-    "4131.739594e9.chunk.js.map": "./static/js/4131.739594e9.chunk.js.map",
-    "343.90c9cdc7.chunk.css.map": "./static/css/343.90c9cdc7.chunk.css.map",
-    "343.34f42ca3.chunk.js.map": "./static/js/343.34f42ca3.chunk.js.map",
-    "1199.90c9cdc7.chunk.css.map": "./static/css/1199.90c9cdc7.chunk.css.map",
-    "1199.503e1d6b.chunk.js.map": "./static/js/1199.503e1d6b.chunk.js.map",
-    "5517.90c9cdc7.chunk.css.map": "./static/css/5517.90c9cdc7.chunk.css.map",
-    "5517.cf7204c7.chunk.js.map": "./static/js/5517.cf7204c7.chunk.js.map",
-    "2555.0dbc9c69.chunk.js.map": "./static/js/2555.0dbc9c69.chunk.js.map",
-    "7585.3ba2ecd7.chunk.js.map": "./static/js/7585.3ba2ecd7.chunk.js.map",
-    "4902.395ae657.chunk.js.map": "./static/js/4902.395ae657.chunk.js.map",
-    "7847.4176f3e5.chunk.js.map": "./static/js/7847.4176f3e5.chunk.js.map",
-    "3097.c51c1e97.chunk.js.map": "./static/js/3097.c51c1e97.chunk.js.map",
-    "692.acf902c5.chunk.js.map": "./static/js/692.acf902c5.chunk.js.map",
-    "8626.617017df.chunk.js.map": "./static/js/8626.617017df.chunk.js.map",
-    "736.ae41c7ee.chunk.js.map": "./static/js/736.ae41c7ee.chunk.js.map",
-    "6577.c8329c4f.chunk.js.map": "./static/js/6577.c8329c4f.chunk.js.map",
-    "9561.3f9d7984.chunk.js.map": "./static/js/9561.3f9d7984.chunk.js.map",
-    "6401.5c896f2e.chunk.js.map": "./static/js/6401.5c896f2e.chunk.js.map",
-    "2949.c6b7f4b7.chunk.js.map": "./static/js/2949.c6b7f4b7.chunk.js.map",
+    "2850.9cb5f34b.chunk.css.map": "./static/css/2850.9cb5f34b.chunk.css.map",
+    "2850.c2c3a292.chunk.js.map": "./static/js/2850.c2c3a292.chunk.js.map",
+    "4131.34341b0f.chunk.js.map": "./static/js/4131.34341b0f.chunk.js.map",
+    "343.9cb5f34b.chunk.css.map": "./static/css/343.9cb5f34b.chunk.css.map",
+    "343.a3ee0915.chunk.js.map": "./static/js/343.a3ee0915.chunk.js.map",
+    "1199.9cb5f34b.chunk.css.map": "./static/css/1199.9cb5f34b.chunk.css.map",
+    "1199.cd08cdfd.chunk.js.map": "./static/js/1199.cd08cdfd.chunk.js.map",
+    "5517.9cb5f34b.chunk.css.map": "./static/css/5517.9cb5f34b.chunk.css.map",
+    "5517.730e0aeb.chunk.js.map": "./static/js/5517.730e0aeb.chunk.js.map",
+    "2555.47860755.chunk.js.map": "./static/js/2555.47860755.chunk.js.map",
+    "7486.83e0d248.chunk.js.map": "./static/js/7486.83e0d248.chunk.js.map",
+    "1377.6fbc40f3.chunk.js.map": "./static/js/1377.6fbc40f3.chunk.js.map",
+    "4672.7e50d90b.chunk.js.map": "./static/js/4672.7e50d90b.chunk.js.map",
+    "2516.5d118ef6.chunk.js.map": "./static/js/2516.5d118ef6.chunk.js.map",
+    "2759.3ab5d8ec.chunk.js.map": "./static/js/2759.3ab5d8ec.chunk.js.map",
+    "7295.c85034bf.chunk.js.map": "./static/js/7295.c85034bf.chunk.js.map",
+    "7585.cd3ad44f.chunk.js.map": "./static/js/7585.cd3ad44f.chunk.js.map",
+    "4902.b5c5ff07.chunk.js.map": "./static/js/4902.b5c5ff07.chunk.js.map",
+    "7847.659fc617.chunk.js.map": "./static/js/7847.659fc617.chunk.js.map",
+    "3097.86eccc21.chunk.js.map": "./static/js/3097.86eccc21.chunk.js.map",
+    "692.bf3eea50.chunk.js.map": "./static/js/692.bf3eea50.chunk.js.map",
+    "8626.b7bc68f1.chunk.js.map": "./static/js/8626.b7bc68f1.chunk.js.map",
+    "8360.cddfeef1.chunk.js.map": "./static/js/8360.cddfeef1.chunk.js.map",
+    "6577.caaa5471.chunk.js.map": "./static/js/6577.caaa5471.chunk.js.map",
+    "3875.7dc3910c.chunk.js.map": "./static/js/3875.7dc3910c.chunk.js.map",
+    "6401.82b00a73.chunk.js.map": "./static/js/6401.82b00a73.chunk.js.map",
+    "2949.c17a4a94.chunk.js.map": "./static/js/2949.c17a4a94.chunk.js.map",
     "3119.828f52b0.chunk.js.map": "./static/js/3119.828f52b0.chunk.js.map",
-    "5643.a58157c7.chunk.js.map": "./static/js/5643.a58157c7.chunk.js.map",
+    "5643.5f80a628.chunk.js.map": "./static/js/5643.5f80a628.chunk.js.map",
     "4781.f4794912.chunk.js.map": "./static/js/4781.f4794912.chunk.js.map",
     "9478.a335fb0f.chunk.js.map": "./static/js/9478.a335fb0f.chunk.js.map",
     "7164.3762a0c0.chunk.js.map": "./static/js/7164.3762a0c0.chunk.js.map",
-    "4414.c804fea8.chunk.js.map": "./static/js/4414.c804fea8.chunk.js.map",
-    "7798.5da0ca4b.chunk.js.map": "./static/js/7798.5da0ca4b.chunk.js.map",
-    "8833.9f18e03b.chunk.js.map": "./static/js/8833.9f18e03b.chunk.js.map",
-    "6526.904dad0c.chunk.js.map": "./static/js/6526.904dad0c.chunk.js.map",
-    "483.b40960b4.chunk.js.map": "./static/js/483.b40960b4.chunk.js.map",
-    "9467.361c4c5c.chunk.js.map": "./static/js/9467.361c4c5c.chunk.js.map",
-    "6895.c8233c8b.chunk.js.map": "./static/js/6895.c8233c8b.chunk.js.map",
-    "1379.35c4721c.chunk.js.map": "./static/js/1379.35c4721c.chunk.js.map",
-    "8277.ffa83ea5.chunk.js.map": "./static/js/8277.ffa83ea5.chunk.js.map",
-    "4133.9a0577c4.chunk.js.map": "./static/js/4133.9a0577c4.chunk.js.map",
-    "1367.90c9cdc7.chunk.css.map": "./static/css/1367.90c9cdc7.chunk.css.map",
-    "1367.0465294b.chunk.js.map": "./static/js/1367.0465294b.chunk.js.map",
-    "3956.5a9ef42b.chunk.js.map": "./static/js/3956.5a9ef42b.chunk.js.map",
-    "9221.06d80718.chunk.js.map": "./static/js/9221.06d80718.chunk.js.map",
-    "8896.042361de.chunk.js.map": "./static/js/8896.042361de.chunk.js.map",
-    "9134.f135131b.chunk.js.map": "./static/js/9134.f135131b.chunk.js.map",
-    "1268.90c9cdc7.chunk.css.map": "./static/css/1268.90c9cdc7.chunk.css.map",
-    "1268.ed4d5bd8.chunk.js.map": "./static/js/1268.ed4d5bd8.chunk.js.map",
-    "441.ef3a5a69.chunk.js.map": "./static/js/441.ef3a5a69.chunk.js.map",
-    "9145.0a0554bf.chunk.js.map": "./static/js/9145.0a0554bf.chunk.js.map",
-    "8998.6a160b0b.chunk.js.map": "./static/js/8998.6a160b0b.chunk.js.map",
-    "1501.5f62a612.chunk.js.map": "./static/js/1501.5f62a612.chunk.js.map",
-    "7770.0cb798cf.chunk.js.map": "./static/js/7770.0cb798cf.chunk.js.map",
+    "4414.7abfed46.chunk.js.map": "./static/js/4414.7abfed46.chunk.js.map",
+    "7798.8ed31952.chunk.js.map": "./static/js/7798.8ed31952.chunk.js.map",
+    "8833.9dccd2d5.chunk.js.map": "./static/js/8833.9dccd2d5.chunk.js.map",
+    "6526.e3612299.chunk.js.map": "./static/js/6526.e3612299.chunk.js.map",
+    "483.5b997456.chunk.js.map": "./static/js/483.5b997456.chunk.js.map",
+    "9467.8e1b707f.chunk.js.map": "./static/js/9467.8e1b707f.chunk.js.map",
+    "6895.488a4025.chunk.js.map": "./static/js/6895.488a4025.chunk.js.map",
+    "5882.41668ace.chunk.js.map": "./static/js/5882.41668ace.chunk.js.map",
+    "8277.e772e8bd.chunk.js.map": "./static/js/8277.e772e8bd.chunk.js.map",
+    "4133.2386eedc.chunk.js.map": "./static/js/4133.2386eedc.chunk.js.map",
+    "1367.9cb5f34b.chunk.css.map": "./static/css/1367.9cb5f34b.chunk.css.map",
+    "1367.eb3c7186.chunk.js.map": "./static/js/1367.eb3c7186.chunk.js.map",
+    "3956.81b98a64.chunk.js.map": "./static/js/3956.81b98a64.chunk.js.map",
+    "9221.38a31de2.chunk.js.map": "./static/js/9221.38a31de2.chunk.js.map",
+    "8896.2afd6d87.chunk.js.map": "./static/js/8896.2afd6d87.chunk.js.map",
+    "9134.76b1bd01.chunk.js.map": "./static/js/9134.76b1bd01.chunk.js.map",
+    "1268.9cb5f34b.chunk.css.map": "./static/css/1268.9cb5f34b.chunk.css.map",
+    "1268.31853f4b.chunk.js.map": "./static/js/1268.31853f4b.chunk.js.map",
+    "441.d647ea80.chunk.js.map": "./static/js/441.d647ea80.chunk.js.map",
+    "9145.85a731d5.chunk.js.map": "./static/js/9145.85a731d5.chunk.js.map",
+    "8998.5bea3a2b.chunk.js.map": "./static/js/8998.5bea3a2b.chunk.js.map",
+    "1501.e6260482.chunk.js.map": "./static/js/1501.e6260482.chunk.js.map",
+    "7770.771cea33.chunk.js.map": "./static/js/7770.771cea33.chunk.js.map",
     "426.82aff597.chunk.js.map": "./static/js/426.82aff597.chunk.js.map",
     "4298.39009639.chunk.js.map": "./static/js/4298.39009639.chunk.js.map",
     "2878.8dd5ace8.chunk.js.map": "./static/js/2878.8dd5ace8.chunk.js.map",
     "8495.b1689c2d.chunk.js.map": "./static/js/8495.b1689c2d.chunk.js.map",
     "4934.72071d47.chunk.js.map": "./static/js/4934.72071d47.chunk.js.map",
     "9942.78febb7d.chunk.js.map": "./static/js/9942.78febb7d.chunk.js.map",
-    "7021.9ea87695.chunk.js.map": "./static/js/7021.9ea87695.chunk.js.map",
-    "2684.cb179f6c.chunk.js.map": "./static/js/2684.cb179f6c.chunk.js.map",
-    "6683.ae70aa3c.chunk.js.map": "./static/js/6683.ae70aa3c.chunk.js.map",
-    "8350.d0f71354.chunk.js.map": "./static/js/8350.d0f71354.chunk.js.map",
+    "7021.62c812c9.chunk.js.map": "./static/js/7021.62c812c9.chunk.js.map",
+    "2684.dde9af57.chunk.js.map": "./static/js/2684.dde9af57.chunk.js.map",
+    "9567.9cb5f34b.chunk.css.map": "./static/css/9567.9cb5f34b.chunk.css.map",
+    "9567.93e1e8a0.chunk.js.map": "./static/js/9567.93e1e8a0.chunk.js.map",
+    "8350.ff17d087.chunk.js.map": "./static/js/8350.ff17d087.chunk.js.map",
     "4873.9349e8b2.chunk.js.map": "./static/js/4873.9349e8b2.chunk.js.map",
-    "5367.81c2d437.chunk.js.map": "./static/js/5367.81c2d437.chunk.js.map",
-    "6405.61f72110.chunk.js.map": "./static/js/6405.61f72110.chunk.js.map",
-    "5223.98f026b3.chunk.js.map": "./static/js/5223.98f026b3.chunk.js.map",
-    "1799.90db5583.chunk.js.map": "./static/js/1799.90db5583.chunk.js.map",
-    "9297.fb2e535e.chunk.js.map": "./static/js/9297.fb2e535e.chunk.js.map",
-    "9968.481540ab.chunk.js.map": "./static/js/9968.481540ab.chunk.js.map",
-    "2180.14bc77fc.chunk.js.map": "./static/js/2180.14bc77fc.chunk.js.map",
+    "5367.6280cd0d.chunk.js.map": "./static/js/5367.6280cd0d.chunk.js.map",
+    "6405.379b5b82.chunk.js.map": "./static/js/6405.379b5b82.chunk.js.map",
+    "5223.a4346b6b.chunk.js.map": "./static/js/5223.a4346b6b.chunk.js.map",
+    "1799.d2996f85.chunk.js.map": "./static/js/1799.d2996f85.chunk.js.map",
+    "9297.466f48d4.chunk.js.map": "./static/js/9297.466f48d4.chunk.js.map",
+    "9968.8cde9579.chunk.js.map": "./static/js/9968.8cde9579.chunk.js.map",
+    "2180.ecd3ab8b.chunk.js.map": "./static/js/2180.ecd3ab8b.chunk.js.map",
     "8253.fa95cf82.chunk.js.map": "./static/js/8253.fa95cf82.chunk.js.map",
-    "3328.f02a2e4c.chunk.js.map": "./static/js/3328.f02a2e4c.chunk.js.map",
-    "1440.2f369689.chunk.js.map": "./static/js/1440.2f369689.chunk.js.map",
-    "9179.f855888c.chunk.js.map": "./static/js/9179.f855888c.chunk.js.map",
-    "51.c461d317.chunk.js.map": "./static/js/51.c461d317.chunk.js.map",
-    "711.61c682cd.chunk.js.map": "./static/js/711.61c682cd.chunk.js.map",
-    "6901.1be7690b.chunk.js.map": "./static/js/6901.1be7690b.chunk.js.map",
-    "2185.0b324ec6.chunk.js.map": "./static/js/2185.0b324ec6.chunk.js.map",
-    "312.aefc992a.chunk.js.map": "./static/js/312.aefc992a.chunk.js.map",
-    "2112.93e2056f.chunk.js.map": "./static/js/2112.93e2056f.chunk.js.map",
-    "4619.82c18241.chunk.js.map": "./static/js/4619.82c18241.chunk.js.map",
-    "8990.d62803ce.chunk.js.map": "./static/js/8990.d62803ce.chunk.js.map",
-    "8455.ac01170a.chunk.js.map": "./static/js/8455.ac01170a.chunk.js.map",
-    "1913.90c9cdc7.chunk.css.map": "./static/css/1913.90c9cdc7.chunk.css.map",
-    "1913.62bd1877.chunk.js.map": "./static/js/1913.62bd1877.chunk.js.map",
-    "1604.d6abf9f0.chunk.js.map": "./static/js/1604.d6abf9f0.chunk.js.map",
-    "8391.93be3c76.chunk.js.map": "./static/js/8391.93be3c76.chunk.js.map",
-    "402.bce64a61.chunk.js.map": "./static/js/402.bce64a61.chunk.js.map",
+    "3328.72ba5ec0.chunk.js.map": "./static/js/3328.72ba5ec0.chunk.js.map",
+    "1440.d3fd88ff.chunk.js.map": "./static/js/1440.d3fd88ff.chunk.js.map",
+    "9179.73844de6.chunk.js.map": "./static/js/9179.73844de6.chunk.js.map",
+    "51.f63429fd.chunk.js.map": "./static/js/51.f63429fd.chunk.js.map",
+    "711.7013b9d7.chunk.js.map": "./static/js/711.7013b9d7.chunk.js.map",
+    "6901.cda3f1f9.chunk.js.map": "./static/js/6901.cda3f1f9.chunk.js.map",
+    "2185.4baca582.chunk.js.map": "./static/js/2185.4baca582.chunk.js.map",
+    "312.770148c8.chunk.js.map": "./static/js/312.770148c8.chunk.js.map",
+    "2112.c85537ec.chunk.js.map": "./static/js/2112.c85537ec.chunk.js.map",
+    "4619.bbf03503.chunk.js.map": "./static/js/4619.bbf03503.chunk.js.map",
+    "8990.4f806e82.chunk.js.map": "./static/js/8990.4f806e82.chunk.js.map",
+    "8455.8cf8a65d.chunk.js.map": "./static/js/8455.8cf8a65d.chunk.js.map",
+    "1913.9cb5f34b.chunk.css.map": "./static/css/1913.9cb5f34b.chunk.css.map",
+    "1913.2b54b9d3.chunk.js.map": "./static/js/1913.2b54b9d3.chunk.js.map",
+    "1604.fa7e2b2f.chunk.js.map": "./static/js/1604.fa7e2b2f.chunk.js.map",
+    "8391.ba8f9cd2.chunk.js.map": "./static/js/8391.ba8f9cd2.chunk.js.map",
+    "402.46c69861.chunk.js.map": "./static/js/402.46c69861.chunk.js.map",
     "1705.596850eb.chunk.js.map": "./static/js/1705.596850eb.chunk.js.map",
-    "1581.5d8bdb2a.chunk.js.map": "./static/js/1581.5d8bdb2a.chunk.js.map",
-    "455.64f2adc7.chunk.js.map": "./static/js/455.64f2adc7.chunk.js.map",
-    "2661.358ee4e3.chunk.js.map": "./static/js/2661.358ee4e3.chunk.js.map",
-    "889.eb646ebf.chunk.js.map": "./static/js/889.eb646ebf.chunk.js.map",
-    "9088.c0ec4658.chunk.js.map": "./static/js/9088.c0ec4658.chunk.js.map",
-    "247.6ff1fc3d.chunk.js.map": "./static/js/247.6ff1fc3d.chunk.js.map",
-    "2408.d23e2b83.chunk.js.map": "./static/js/2408.d23e2b83.chunk.js.map",
+    "1581.44c0448f.chunk.js.map": "./static/js/1581.44c0448f.chunk.js.map",
+    "455.4b142906.chunk.js.map": "./static/js/455.4b142906.chunk.js.map",
+    "2661.9bd125a1.chunk.js.map": "./static/js/2661.9bd125a1.chunk.js.map",
+    "889.bba47c51.chunk.js.map": "./static/js/889.bba47c51.chunk.js.map",
+    "9088.17f4cb12.chunk.js.map": "./static/js/9088.17f4cb12.chunk.js.map",
+    "247.908c948c.chunk.js.map": "./static/js/247.908c948c.chunk.js.map",
+    "2408.4f7b17cd.chunk.js.map": "./static/js/2408.4f7b17cd.chunk.js.map",
     "5171.e5224ef3.chunk.js.map": "./static/js/5171.e5224ef3.chunk.js.map",
     "3691.ff436a8f.chunk.js.map": "./static/js/3691.ff436a8f.chunk.js.map",
-    "2426.ab27f6f9.chunk.js.map": "./static/js/2426.ab27f6f9.chunk.js.map",
     "2813.cfbfa60f.chunk.js.map": "./static/js/2813.cfbfa60f.chunk.js.map",
+    "2426.ab27f6f9.chunk.js.map": "./static/js/2426.ab27f6f9.chunk.js.map",
     "3801.e9dc3054.chunk.js.map": "./static/js/3801.e9dc3054.chunk.js.map",
     "1918.9385ad56.chunk.js.map": "./static/js/1918.9385ad56.chunk.js.map",
     "1373.c65e2a03.chunk.js.map": "./static/js/1373.c65e2a03.chunk.js.map",
@@ -284,26 +321,27 @@
     "2011.af2dbefb.chunk.js.map": "./static/js/2011.af2dbefb.chunk.js.map",
     "2515.322cc076.chunk.js.map": "./static/js/2515.322cc076.chunk.js.map",
     "1459.03befbb8.chunk.js.map": "./static/js/1459.03befbb8.chunk.js.map",
+    "1465.4525f636.chunk.js.map": "./static/js/1465.4525f636.chunk.js.map",
     "1267.ee70805c.chunk.js.map": "./static/js/1267.ee70805c.chunk.js.map",
     "6172.12ed66ed.chunk.js.map": "./static/js/6172.12ed66ed.chunk.js.map",
-    "4827.a3ee5d0a.chunk.js.map": "./static/js/4827.a3ee5d0a.chunk.js.map",
     "696.c93c6454.chunk.js.map": "./static/js/696.c93c6454.chunk.js.map",
     "3388.6f330810.chunk.js.map": "./static/js/3388.6f330810.chunk.js.map",
     "71.323f55a6.chunk.js.map": "./static/js/71.323f55a6.chunk.js.map",
-    "4709.8bd47e6f.chunk.js.map": "./static/js/4709.8bd47e6f.chunk.js.map",
-    "3870.a1265f93.chunk.js.map": "./static/js/3870.a1265f93.chunk.js.map",
+    "3720.38c690e7.chunk.js.map": "./static/js/3720.38c690e7.chunk.js.map",
+    "1903.42b70cf0.chunk.js.map": "./static/js/1903.42b70cf0.chunk.js.map",
     "6484.de588cc0.chunk.js.map": "./static/js/6484.de588cc0.chunk.js.map",
     "7142.93647281.chunk.js.map": "./static/js/7142.93647281.chunk.js.map",
     "2691.19d72c3c.chunk.js.map": "./static/js/2691.19d72c3c.chunk.js.map",
     "1790.eb475334.chunk.js.map": "./static/js/1790.eb475334.chunk.js.map",
-    "7472.85d323e5.chunk.js.map": "./static/js/7472.85d323e5.chunk.js.map",
+    "2331.288af2ec.chunk.js.map": "./static/js/2331.288af2ec.chunk.js.map",
     "9515.a4e964be.chunk.js.map": "./static/js/9515.a4e964be.chunk.js.map",
-    "2983.15e04479.chunk.js.map": "./static/js/2983.15e04479.chunk.js.map",
-    "48.115b7eb1.chunk.js.map": "./static/js/48.115b7eb1.chunk.js.map",
-    "2763.d85f5750.chunk.js.map": "./static/js/2763.d85f5750.chunk.js.map"
+    "2983.e248775f.chunk.js.map": "./static/js/2983.e248775f.chunk.js.map",
+    "5861.65847210.chunk.js.map": "./static/js/5861.65847210.chunk.js.map",
+    "537.85347210.chunk.js.map": "./static/js/537.85347210.chunk.js.map",
+    "2763.08c6e1fd.chunk.js.map": "./static/js/2763.08c6e1fd.chunk.js.map"
   },
   "entrypoints": [
     "static/css/main.b20a708b.css",
-    "static/js/main.9dec64e0.js"
+    "static/js/main.2b781eaf.js"
   ]
 }

portal-ui/build/index.html

@@ -1 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><base href="/"/><meta content="width=device-width,initial-scale=1" name="viewport"/><meta content="#081C42" media="(prefers-color-scheme: light)" name="theme-color"/><meta content="#081C42" media="(prefers-color-scheme: dark)" name="theme-color"/><meta content="MinIO Console" name="description"/><link href="./styles/root-styles.css" rel="stylesheet"/><link href="./apple-icon-180x180.png" rel="apple-touch-icon" sizes="180x180"/><link href="./favicon-32x32.png" rel="icon" sizes="32x32" type="image/png"/><link href="./favicon-96x96.png" rel="icon" sizes="96x96" type="image/png"/><link href="./favicon-16x16.png" rel="icon" sizes="16x16" type="image/png"/><link href="./manifest.json" rel="manifest"/><link color="#3a4e54" href="./safari-pinned-tab.svg" rel="mask-icon"/><title>MinIO Console</title><script defer="defer" src="./static/js/main.9dec64e0.js"></script><link href="./static/css/main.b20a708b.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"><div id="preload"><img src="./images/background.svg"/> <img src="./images/background-wave-orig2.svg"/></div><div id="loader-block"><img src="./Loader.svg"/></div></div></body></html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><base href="/"/><meta content="width=device-width,initial-scale=1" name="viewport"/><meta content="#081C42" media="(prefers-color-scheme: light)" name="theme-color"/><meta content="#081C42" media="(prefers-color-scheme: dark)" name="theme-color"/><meta content="MinIO Console" name="description"/><link href="./styles/root-styles.css" rel="stylesheet"/><link href="./apple-icon-180x180.png" rel="apple-touch-icon" sizes="180x180"/><link href="./favicon-32x32.png" rel="icon" sizes="32x32" type="image/png"/><link href="./favicon-96x96.png" rel="icon" sizes="96x96" type="image/png"/><link href="./favicon-16x16.png" rel="icon" sizes="16x16" type="image/png"/><link href="./manifest.json" rel="manifest"/><link color="#3a4e54" href="./safari-pinned-tab.svg" rel="mask-icon"/><title>MinIO Console</title><script defer="defer" src="./static/js/main.2b781eaf.js"></script><link href="./static/css/main.b20a708b.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"><div id="preload"><img src="./images/background.svg"/> <img src="./images/background-wave-orig2.svg"/></div><div id="loader-block"><img src="./Loader.svg"/></div></div></body></html>

portal-ui/build/manifest.json

@@ -1,6 +1,21 @@
 {
   "name": "MinIO Console",
   "icons": [
+    {
+      "src": "favicon.ico",
+      "sizes": "64x64 32x32 24x24 16x16",
+      "type": "image/x-icon"
+    },
+    {
+      "src": "logo192.png",
+      "type": "image/png",
+      "sizes": "192x192"
+    },
+    {
+      "src": "logo512.png",
+      "type": "image/png",
+      "sizes": "512x512"
+    },
     {
       "src": "android-icon-36x36.png",
       "sizes": "36x36",
@@ -30,12 +45,6 @@
       "sizes": "144x144",
       "type": "image/png",
       "density": "3.0"
-    },
-    {
-      "src": "android-icon-192x192.png",
-      "sizes": "192x192",
-      "type": "image/png",
-      "density": "4.0"
     }
   ]
 }