diff --git a/cmd/admin-handlers-users.go b/cmd/admin-handlers-users.go
index 5d1131dbd..330900ef4 100644
--- a/cmd/admin-handlers-users.go
+++ b/cmd/admin-handlers-users.go
@@ -25,6 +25,7 @@ import (
 	"net/http"
 	"os"
 	"sort"
+	"strings"
 	"time"
 
 	"github.com/gorilla/mux"
@@ -1666,6 +1667,267 @@ func (a adminAPIHandlers) SetPolicyForUserOrGroup(w http.ResponseWriter, r *http
 	}
 }
 
+// AttachPolicyBuiltin - POST /minio/admin/v3/idp/builtin/attach
+func (a adminAPIHandlers) AttachPolicyBuiltin(w http.ResponseWriter, r *http.Request) {
+	ctx := newContext(r, w, "AttachPolicyBuiltin")
+
+	defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r))
+
+	objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.AttachPolicyAdminAction)
+	if objectAPI == nil {
+		return
+	}
+
+	cred, _, _, s3Err := validateAdminSignature(ctx, r, "")
+	if s3Err != ErrNone {
+		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(s3Err), r.URL)
+		return
+	}
+	password := cred.SecretKey
+
+	reqBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength))
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	var par madmin.PolicyAssociationReq
+	if err = json.Unmarshal(reqBytes, &par); err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	if err = par.IsValid(); err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	userOrGroup := par.User
+	isGroup := false
+
+	if userOrGroup == "" {
+		userOrGroup = par.Group
+		isGroup = true
+	}
+
+	if isGroup {
+		_, err := globalIAMSys.GetGroupDescription(userOrGroup)
+		if err != nil {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+			return
+		}
+	} else {
+		ok, _, err := globalIAMSys.IsTempUser(userOrGroup)
+		if err != nil && err != errNoSuchUser {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+			return
+		}
+		if ok {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, errIAMActionNotAllowed), r.URL)
+			return
+		}
+
+		// Validate that user exists.
+		if globalIAMSys.GetUsersSysType() == MinIOUsersSysType {
+			_, ok := globalIAMSys.GetUser(ctx, userOrGroup)
+			if !ok {
+				writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, errNoSuchUser), r.URL)
+				return
+			}
+		}
+	}
+
+	userType := regUser
+	if globalIAMSys.GetUsersSysType() == LDAPUsersSysType {
+		userType = stsUser
+	}
+
+	var existingPolicies []string
+	if isGroup {
+		existingPolicies, err = globalIAMSys.PolicyDBGet(userOrGroup, true)
+	} else {
+		existingPolicies, err = globalIAMSys.GetUserPolicies(userOrGroup)
+	}
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	policyMap := make(map[string]bool)
+	for _, p := range existingPolicies {
+		policyMap[p] = true
+	}
+
+	policiesToAttach := par.Policies
+
+	// Check if policy is already attached to user.
+	for _, p := range policiesToAttach {
+		if _, ok := policyMap[p]; ok {
+			writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrPolicyAlreadyAttached), r.URL)
+			return
+		}
+	}
+
+	existingPolicies = append(existingPolicies, policiesToAttach...)
+	newPolicies := strings.Join(existingPolicies, ",")
+
+	updatedAt, err := globalIAMSys.PolicyDBSet(ctx, userOrGroup, newPolicies, userType, isGroup)
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	if err := globalSiteReplicationSys.IAMChangeHook(ctx, madmin.SRIAMItem{
+		Type: madmin.SRIAMItemPolicyMapping,
+		PolicyMapping: &madmin.SRPolicyMapping{
+			UserOrGroup: userOrGroup,
+			UserType:    int(userType),
+			IsGroup:     isGroup,
+			Policy:      strings.Join(policiesToAttach, ","),
+		},
+		UpdatedAt: updatedAt,
+	}); err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	writeResponse(w, http.StatusCreated, nil, mimeNone)
+}
+
+// DetachPolicyBuiltin - POST /minio/admin/v3/idp/builtin/detach
+func (a adminAPIHandlers) DetachPolicyBuiltin(w http.ResponseWriter, r *http.Request) {
+	ctx := newContext(r, w, "DetachPolicyBuiltin")
+
+	defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r))
+
+	objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.AttachPolicyAdminAction)
+	if objectAPI == nil {
+		return
+	}
+
+	cred, _, _, s3Err := validateAdminSignature(ctx, r, "")
+	if s3Err != ErrNone {
+		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(s3Err), r.URL)
+		return
+	}
+	password := cred.SecretKey
+
+	reqBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength))
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	var par madmin.PolicyAssociationReq
+	if err = json.Unmarshal(reqBytes, &par); err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	if err = par.IsValid(); err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	userOrGroup := par.User
+	isGroup := false
+
+	if userOrGroup == "" {
+		userOrGroup = par.Group
+		isGroup = true
+	}
+
+	if isGroup {
+		_, err := globalIAMSys.GetGroupDescription(userOrGroup)
+		if err != nil {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+			return
+		}
+	} else {
+		ok, _, err := globalIAMSys.IsTempUser(userOrGroup)
+		if err != nil && err != errNoSuchUser {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+			return
+		}
+		if ok {
+			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, errIAMActionNotAllowed), r.URL)
+			return
+		}
+
+		// Validate that user exists.
+		if globalIAMSys.GetUsersSysType() == MinIOUsersSysType {
+			_, ok := globalIAMSys.GetUser(ctx, userOrGroup)
+			if !ok {
+				writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, errNoSuchUser), r.URL)
+				return
+			}
+		}
+
+		// Return successful JSON response
+		writeSuccessNoContent(w)
+	}
+
+	userType := regUser
+	if globalIAMSys.GetUsersSysType() == LDAPUsersSysType {
+		userType = stsUser
+	}
+
+	var existingPolicies []string
+	if isGroup {
+		existingPolicies, err = globalIAMSys.PolicyDBGet(userOrGroup, true)
+	} else {
+		existingPolicies, err = globalIAMSys.GetUserPolicies(userOrGroup)
+	}
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	policyMap := make(map[string]bool)
+	for _, p := range existingPolicies {
+		policyMap[p] = true
+	}
+
+	policiesToDetach := par.Policies
+
+	// Check if policy is already attached to user.
+	for _, p := range policiesToDetach {
+		if _, ok := policyMap[p]; ok {
+			delete(policyMap, p)
+		} else {
+			writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrPolicyNotAttached), r.URL)
+			return
+		}
+	}
+
+	newPoliciesSl := []string{}
+	for p := range policyMap {
+		newPoliciesSl = append(newPoliciesSl, p)
+	}
+
+	newPolicies := strings.Join(newPoliciesSl, ",")
+
+	updatedAt, err := globalIAMSys.PolicyDBSet(ctx, userOrGroup, newPolicies, userType, isGroup)
+	if err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+
+	if err := globalSiteReplicationSys.IAMChangeHook(ctx, madmin.SRIAMItem{
+		Type: madmin.SRIAMItemPolicyMapping,
+		PolicyMapping: &madmin.SRPolicyMapping{
+			UserOrGroup: userOrGroup,
+			UserType:    int(userType),
+			IsGroup:     isGroup,
+			Policy:      strings.Join(policiesToDetach, ","),
+		},
+		UpdatedAt: updatedAt,
+	}); err != nil {
+		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
+		return
+	}
+}
+
 const (
 	allPoliciesFile            = "policies.json"
 	allUsersFile               = "users.json"
diff --git a/cmd/admin-router.go b/cmd/admin-router.go
index dd9289ae0..3ba96fcdd 100644
--- a/cmd/admin-router.go
+++ b/cmd/admin-router.go
@@ -159,6 +159,12 @@ func registerAdminRouter(router *mux.Router, enableConfigOps bool) {
 			HandlerFunc(gz(httpTraceHdrs(adminAPI.SetPolicyForUserOrGroup))).
 			Queries("policyName", "{policyName:.*}", "userOrGroup", "{userOrGroup:.*}", "isGroup", "{isGroup:true|false}")
 
+		// Attach policies to user or group
+		adminRouter.Methods(http.MethodPost).Path(adminVersion + "/idp/builtin/policy/attach").HandlerFunc(gz(httpTraceHdrs(adminAPI.AttachPolicyBuiltin)))
+
+		// Detach policies from user or group
+		adminRouter.Methods(http.MethodPost).Path(adminVersion + "/idp/builtin/policy/detach").HandlerFunc(gz(httpTraceHdrs(adminAPI.DetachPolicyBuiltin)))
+
 		// Remove user IAM
 		adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-user").HandlerFunc(gz(httpTraceHdrs(adminAPI.RemoveUser))).Queries("accessKey", "{accessKey:.*}")
 
diff --git a/cmd/api-errors.go b/cmd/api-errors.go
index e9b78efa2..136c7ea72 100644
--- a/cmd/api-errors.go
+++ b/cmd/api-errors.go
@@ -195,6 +195,8 @@ const (
 	ErrBucketTaggingNotFound
 	ErrObjectLockInvalidHeaders
 	ErrInvalidTagDirective
+	ErrPolicyAlreadyAttached
+	ErrPolicyNotAttached
 	// Add new error codes here.
 
 	// SSE-S3/SSE-KMS related API errors
@@ -1939,6 +1941,16 @@ var errorCodes = errorCodeMap{
 		Description:    "Invalid checksum provided.",
 		HTTPStatusCode: http.StatusBadRequest,
 	},
+	ErrPolicyAlreadyAttached: {
+		Code:           "XMinioPolicyAlreadyAttached",
+		Description:    "The specified policy is already attached.",
+		HTTPStatusCode: http.StatusConflict,
+	},
+	ErrPolicyNotAttached: {
+		Code:           "XMinioPolicyNotAttached",
+		Description:    "The specified policy is not found.",
+		HTTPStatusCode: http.StatusNotFound,
+	},
 	// Add your error structure here.
 }
 
diff --git a/cmd/apierrorcode_string.go b/cmd/apierrorcode_string.go
index 07554005a..96650a049 100644
--- a/cmd/apierrorcode_string.go
+++ b/cmd/apierrorcode_string.go
@@ -129,192 +129,194 @@ func _() {
 	_ = x[ErrBucketTaggingNotFound-118]
 	_ = x[ErrObjectLockInvalidHeaders-119]
 	_ = x[ErrInvalidTagDirective-120]
-	_ = x[ErrInvalidEncryptionMethod-121]
-	_ = x[ErrInvalidEncryptionKeyID-122]
-	_ = x[ErrInsecureSSECustomerRequest-123]
-	_ = x[ErrSSEMultipartEncrypted-124]
-	_ = x[ErrSSEEncryptedObject-125]
-	_ = x[ErrInvalidEncryptionParameters-126]
-	_ = x[ErrInvalidSSECustomerAlgorithm-127]
-	_ = x[ErrInvalidSSECustomerKey-128]
-	_ = x[ErrMissingSSECustomerKey-129]
-	_ = x[ErrMissingSSECustomerKeyMD5-130]
-	_ = x[ErrSSECustomerKeyMD5Mismatch-131]
-	_ = x[ErrInvalidSSECustomerParameters-132]
-	_ = x[ErrIncompatibleEncryptionMethod-133]
-	_ = x[ErrKMSNotConfigured-134]
-	_ = x[ErrKMSKeyNotFoundException-135]
-	_ = x[ErrNoAccessKey-136]
-	_ = x[ErrInvalidToken-137]
-	_ = x[ErrEventNotification-138]
-	_ = x[ErrARNNotification-139]
-	_ = x[ErrRegionNotification-140]
-	_ = x[ErrOverlappingFilterNotification-141]
-	_ = x[ErrFilterNameInvalid-142]
-	_ = x[ErrFilterNamePrefix-143]
-	_ = x[ErrFilterNameSuffix-144]
-	_ = x[ErrFilterValueInvalid-145]
-	_ = x[ErrOverlappingConfigs-146]
-	_ = x[ErrUnsupportedNotification-147]
-	_ = x[ErrContentSHA256Mismatch-148]
-	_ = x[ErrContentChecksumMismatch-149]
-	_ = x[ErrReadQuorum-150]
-	_ = x[ErrWriteQuorum-151]
-	_ = x[ErrStorageFull-152]
-	_ = x[ErrRequestBodyParse-153]
-	_ = x[ErrObjectExistsAsDirectory-154]
-	_ = x[ErrInvalidObjectName-155]
-	_ = x[ErrInvalidObjectNamePrefixSlash-156]
-	_ = x[ErrInvalidResourceName-157]
-	_ = x[ErrServerNotInitialized-158]
-	_ = x[ErrOperationTimedOut-159]
-	_ = x[ErrClientDisconnected-160]
-	_ = x[ErrOperationMaxedOut-161]
-	_ = x[ErrInvalidRequest-162]
-	_ = x[ErrTransitionStorageClassNotFoundError-163]
-	_ = x[ErrInvalidStorageClass-164]
-	_ = x[ErrBackendDown-165]
-	_ = x[ErrMalformedJSON-166]
-	_ = x[ErrAdminNoSuchUser-167]
-	_ = x[ErrAdminNoSuchGroup-168]
-	_ = x[ErrAdminGroupNotEmpty-169]
-	_ = x[ErrAdminNoSuchJob-170]
-	_ = x[ErrAdminNoSuchPolicy-171]
-	_ = x[ErrAdminPolicyChangeAlreadyApplied-172]
-	_ = x[ErrAdminInvalidArgument-173]
-	_ = x[ErrAdminInvalidAccessKey-174]
-	_ = x[ErrAdminInvalidSecretKey-175]
-	_ = x[ErrAdminConfigNoQuorum-176]
-	_ = x[ErrAdminConfigTooLarge-177]
-	_ = x[ErrAdminConfigBadJSON-178]
-	_ = x[ErrAdminNoSuchConfigTarget-179]
-	_ = x[ErrAdminConfigEnvOverridden-180]
-	_ = x[ErrAdminConfigDuplicateKeys-181]
-	_ = x[ErrAdminConfigInvalidIDPType-182]
-	_ = x[ErrAdminConfigLDAPValidation-183]
-	_ = x[ErrAdminConfigIDPCfgNameAlreadyExists-184]
-	_ = x[ErrAdminConfigIDPCfgNameDoesNotExist-185]
-	_ = x[ErrAdminCredentialsMismatch-186]
-	_ = x[ErrInsecureClientRequest-187]
-	_ = x[ErrObjectTampered-188]
-	_ = x[ErrSiteReplicationInvalidRequest-189]
-	_ = x[ErrSiteReplicationPeerResp-190]
-	_ = x[ErrSiteReplicationBackendIssue-191]
-	_ = x[ErrSiteReplicationServiceAccountError-192]
-	_ = x[ErrSiteReplicationBucketConfigError-193]
-	_ = x[ErrSiteReplicationBucketMetaError-194]
-	_ = x[ErrSiteReplicationIAMError-195]
-	_ = x[ErrSiteReplicationConfigMissing-196]
-	_ = x[ErrAdminRebalanceAlreadyStarted-197]
-	_ = x[ErrAdminRebalanceNotStarted-198]
-	_ = x[ErrAdminBucketQuotaExceeded-199]
-	_ = x[ErrAdminNoSuchQuotaConfiguration-200]
-	_ = x[ErrHealNotImplemented-201]
-	_ = x[ErrHealNoSuchProcess-202]
-	_ = x[ErrHealInvalidClientToken-203]
-	_ = x[ErrHealMissingBucket-204]
-	_ = x[ErrHealAlreadyRunning-205]
-	_ = x[ErrHealOverlappingPaths-206]
-	_ = x[ErrIncorrectContinuationToken-207]
-	_ = x[ErrEmptyRequestBody-208]
-	_ = x[ErrUnsupportedFunction-209]
-	_ = x[ErrInvalidExpressionType-210]
-	_ = x[ErrBusy-211]
-	_ = x[ErrUnauthorizedAccess-212]
-	_ = x[ErrExpressionTooLong-213]
-	_ = x[ErrIllegalSQLFunctionArgument-214]
-	_ = x[ErrInvalidKeyPath-215]
-	_ = x[ErrInvalidCompressionFormat-216]
-	_ = x[ErrInvalidFileHeaderInfo-217]
-	_ = x[ErrInvalidJSONType-218]
-	_ = x[ErrInvalidQuoteFields-219]
-	_ = x[ErrInvalidRequestParameter-220]
-	_ = x[ErrInvalidDataType-221]
-	_ = x[ErrInvalidTextEncoding-222]
-	_ = x[ErrInvalidDataSource-223]
-	_ = x[ErrInvalidTableAlias-224]
-	_ = x[ErrMissingRequiredParameter-225]
-	_ = x[ErrObjectSerializationConflict-226]
-	_ = x[ErrUnsupportedSQLOperation-227]
-	_ = x[ErrUnsupportedSQLStructure-228]
-	_ = x[ErrUnsupportedSyntax-229]
-	_ = x[ErrUnsupportedRangeHeader-230]
-	_ = x[ErrLexerInvalidChar-231]
-	_ = x[ErrLexerInvalidOperator-232]
-	_ = x[ErrLexerInvalidLiteral-233]
-	_ = x[ErrLexerInvalidIONLiteral-234]
-	_ = x[ErrParseExpectedDatePart-235]
-	_ = x[ErrParseExpectedKeyword-236]
-	_ = x[ErrParseExpectedTokenType-237]
-	_ = x[ErrParseExpected2TokenTypes-238]
-	_ = x[ErrParseExpectedNumber-239]
-	_ = x[ErrParseExpectedRightParenBuiltinFunctionCall-240]
-	_ = x[ErrParseExpectedTypeName-241]
-	_ = x[ErrParseExpectedWhenClause-242]
-	_ = x[ErrParseUnsupportedToken-243]
-	_ = x[ErrParseUnsupportedLiteralsGroupBy-244]
-	_ = x[ErrParseExpectedMember-245]
-	_ = x[ErrParseUnsupportedSelect-246]
-	_ = x[ErrParseUnsupportedCase-247]
-	_ = x[ErrParseUnsupportedCaseClause-248]
-	_ = x[ErrParseUnsupportedAlias-249]
-	_ = x[ErrParseUnsupportedSyntax-250]
-	_ = x[ErrParseUnknownOperator-251]
-	_ = x[ErrParseMissingIdentAfterAt-252]
-	_ = x[ErrParseUnexpectedOperator-253]
-	_ = x[ErrParseUnexpectedTerm-254]
-	_ = x[ErrParseUnexpectedToken-255]
-	_ = x[ErrParseUnexpectedKeyword-256]
-	_ = x[ErrParseExpectedExpression-257]
-	_ = x[ErrParseExpectedLeftParenAfterCast-258]
-	_ = x[ErrParseExpectedLeftParenValueConstructor-259]
-	_ = x[ErrParseExpectedLeftParenBuiltinFunctionCall-260]
-	_ = x[ErrParseExpectedArgumentDelimiter-261]
-	_ = x[ErrParseCastArity-262]
-	_ = x[ErrParseInvalidTypeParam-263]
-	_ = x[ErrParseEmptySelect-264]
-	_ = x[ErrParseSelectMissingFrom-265]
-	_ = x[ErrParseExpectedIdentForGroupName-266]
-	_ = x[ErrParseExpectedIdentForAlias-267]
-	_ = x[ErrParseUnsupportedCallWithStar-268]
-	_ = x[ErrParseNonUnaryAgregateFunctionCall-269]
-	_ = x[ErrParseMalformedJoin-270]
-	_ = x[ErrParseExpectedIdentForAt-271]
-	_ = x[ErrParseAsteriskIsNotAloneInSelectList-272]
-	_ = x[ErrParseCannotMixSqbAndWildcardInSelectList-273]
-	_ = x[ErrParseInvalidContextForWildcardInSelectList-274]
-	_ = x[ErrIncorrectSQLFunctionArgumentType-275]
-	_ = x[ErrValueParseFailure-276]
-	_ = x[ErrEvaluatorInvalidArguments-277]
-	_ = x[ErrIntegerOverflow-278]
-	_ = x[ErrLikeInvalidInputs-279]
-	_ = x[ErrCastFailed-280]
-	_ = x[ErrInvalidCast-281]
-	_ = x[ErrEvaluatorInvalidTimestampFormatPattern-282]
-	_ = x[ErrEvaluatorInvalidTimestampFormatPatternSymbolForParsing-283]
-	_ = x[ErrEvaluatorTimestampFormatPatternDuplicateFields-284]
-	_ = x[ErrEvaluatorTimestampFormatPatternHourClockAmPmMismatch-285]
-	_ = x[ErrEvaluatorUnterminatedTimestampFormatPatternToken-286]
-	_ = x[ErrEvaluatorInvalidTimestampFormatPatternToken-287]
-	_ = x[ErrEvaluatorInvalidTimestampFormatPatternSymbol-288]
-	_ = x[ErrEvaluatorBindingDoesNotExist-289]
-	_ = x[ErrMissingHeaders-290]
-	_ = x[ErrInvalidColumnIndex-291]
-	_ = x[ErrAdminConfigNotificationTargetsFailed-292]
-	_ = x[ErrAdminProfilerNotEnabled-293]
-	_ = x[ErrInvalidDecompressedSize-294]
-	_ = x[ErrAddUserInvalidArgument-295]
-	_ = x[ErrAdminResourceInvalidArgument-296]
-	_ = x[ErrAdminAccountNotEligible-297]
-	_ = x[ErrAccountNotEligible-298]
-	_ = x[ErrAdminServiceAccountNotFound-299]
-	_ = x[ErrPostPolicyConditionInvalidFormat-300]
-	_ = x[ErrInvalidChecksum-301]
+	_ = x[ErrPolicyAlreadyAttached-121]
+	_ = x[ErrPolicyNotAttached-122]
+	_ = x[ErrInvalidEncryptionMethod-123]
+	_ = x[ErrInvalidEncryptionKeyID-124]
+	_ = x[ErrInsecureSSECustomerRequest-125]
+	_ = x[ErrSSEMultipartEncrypted-126]
+	_ = x[ErrSSEEncryptedObject-127]
+	_ = x[ErrInvalidEncryptionParameters-128]
+	_ = x[ErrInvalidSSECustomerAlgorithm-129]
+	_ = x[ErrInvalidSSECustomerKey-130]
+	_ = x[ErrMissingSSECustomerKey-131]
+	_ = x[ErrMissingSSECustomerKeyMD5-132]
+	_ = x[ErrSSECustomerKeyMD5Mismatch-133]
+	_ = x[ErrInvalidSSECustomerParameters-134]
+	_ = x[ErrIncompatibleEncryptionMethod-135]
+	_ = x[ErrKMSNotConfigured-136]
+	_ = x[ErrKMSKeyNotFoundException-137]
+	_ = x[ErrNoAccessKey-138]
+	_ = x[ErrInvalidToken-139]
+	_ = x[ErrEventNotification-140]
+	_ = x[ErrARNNotification-141]
+	_ = x[ErrRegionNotification-142]
+	_ = x[ErrOverlappingFilterNotification-143]
+	_ = x[ErrFilterNameInvalid-144]
+	_ = x[ErrFilterNamePrefix-145]
+	_ = x[ErrFilterNameSuffix-146]
+	_ = x[ErrFilterValueInvalid-147]
+	_ = x[ErrOverlappingConfigs-148]
+	_ = x[ErrUnsupportedNotification-149]
+	_ = x[ErrContentSHA256Mismatch-150]
+	_ = x[ErrContentChecksumMismatch-151]
+	_ = x[ErrReadQuorum-152]
+	_ = x[ErrWriteQuorum-153]
+	_ = x[ErrStorageFull-154]
+	_ = x[ErrRequestBodyParse-155]
+	_ = x[ErrObjectExistsAsDirectory-156]
+	_ = x[ErrInvalidObjectName-157]
+	_ = x[ErrInvalidObjectNamePrefixSlash-158]
+	_ = x[ErrInvalidResourceName-159]
+	_ = x[ErrServerNotInitialized-160]
+	_ = x[ErrOperationTimedOut-161]
+	_ = x[ErrClientDisconnected-162]
+	_ = x[ErrOperationMaxedOut-163]
+	_ = x[ErrInvalidRequest-164]
+	_ = x[ErrTransitionStorageClassNotFoundError-165]
+	_ = x[ErrInvalidStorageClass-166]
+	_ = x[ErrBackendDown-167]
+	_ = x[ErrMalformedJSON-168]
+	_ = x[ErrAdminNoSuchUser-169]
+	_ = x[ErrAdminNoSuchGroup-170]
+	_ = x[ErrAdminGroupNotEmpty-171]
+	_ = x[ErrAdminNoSuchJob-172]
+	_ = x[ErrAdminNoSuchPolicy-173]
+	_ = x[ErrAdminPolicyChangeAlreadyApplied-174]
+	_ = x[ErrAdminInvalidArgument-175]
+	_ = x[ErrAdminInvalidAccessKey-176]
+	_ = x[ErrAdminInvalidSecretKey-177]
+	_ = x[ErrAdminConfigNoQuorum-178]
+	_ = x[ErrAdminConfigTooLarge-179]
+	_ = x[ErrAdminConfigBadJSON-180]
+	_ = x[ErrAdminNoSuchConfigTarget-181]
+	_ = x[ErrAdminConfigEnvOverridden-182]
+	_ = x[ErrAdminConfigDuplicateKeys-183]
+	_ = x[ErrAdminConfigInvalidIDPType-184]
+	_ = x[ErrAdminConfigLDAPValidation-185]
+	_ = x[ErrAdminConfigIDPCfgNameAlreadyExists-186]
+	_ = x[ErrAdminConfigIDPCfgNameDoesNotExist-187]
+	_ = x[ErrAdminCredentialsMismatch-188]
+	_ = x[ErrInsecureClientRequest-189]
+	_ = x[ErrObjectTampered-190]
+	_ = x[ErrSiteReplicationInvalidRequest-191]
+	_ = x[ErrSiteReplicationPeerResp-192]
+	_ = x[ErrSiteReplicationBackendIssue-193]
+	_ = x[ErrSiteReplicationServiceAccountError-194]
+	_ = x[ErrSiteReplicationBucketConfigError-195]
+	_ = x[ErrSiteReplicationBucketMetaError-196]
+	_ = x[ErrSiteReplicationIAMError-197]
+	_ = x[ErrSiteReplicationConfigMissing-198]
+	_ = x[ErrAdminRebalanceAlreadyStarted-199]
+	_ = x[ErrAdminRebalanceNotStarted-200]
+	_ = x[ErrAdminBucketQuotaExceeded-201]
+	_ = x[ErrAdminNoSuchQuotaConfiguration-202]
+	_ = x[ErrHealNotImplemented-203]
+	_ = x[ErrHealNoSuchProcess-204]
+	_ = x[ErrHealInvalidClientToken-205]
+	_ = x[ErrHealMissingBucket-206]
+	_ = x[ErrHealAlreadyRunning-207]
+	_ = x[ErrHealOverlappingPaths-208]
+	_ = x[ErrIncorrectContinuationToken-209]
+	_ = x[ErrEmptyRequestBody-210]
+	_ = x[ErrUnsupportedFunction-211]
+	_ = x[ErrInvalidExpressionType-212]
+	_ = x[ErrBusy-213]
+	_ = x[ErrUnauthorizedAccess-214]
+	_ = x[ErrExpressionTooLong-215]
+	_ = x[ErrIllegalSQLFunctionArgument-216]
+	_ = x[ErrInvalidKeyPath-217]
+	_ = x[ErrInvalidCompressionFormat-218]
+	_ = x[ErrInvalidFileHeaderInfo-219]
+	_ = x[ErrInvalidJSONType-220]
+	_ = x[ErrInvalidQuoteFields-221]
+	_ = x[ErrInvalidRequestParameter-222]
+	_ = x[ErrInvalidDataType-223]
+	_ = x[ErrInvalidTextEncoding-224]
+	_ = x[ErrInvalidDataSource-225]
+	_ = x[ErrInvalidTableAlias-226]
+	_ = x[ErrMissingRequiredParameter-227]
+	_ = x[ErrObjectSerializationConflict-228]
+	_ = x[ErrUnsupportedSQLOperation-229]
+	_ = x[ErrUnsupportedSQLStructure-230]
+	_ = x[ErrUnsupportedSyntax-231]
+	_ = x[ErrUnsupportedRangeHeader-232]
+	_ = x[ErrLexerInvalidChar-233]
+	_ = x[ErrLexerInvalidOperator-234]
+	_ = x[ErrLexerInvalidLiteral-235]
+	_ = x[ErrLexerInvalidIONLiteral-236]
+	_ = x[ErrParseExpectedDatePart-237]
+	_ = x[ErrParseExpectedKeyword-238]
+	_ = x[ErrParseExpectedTokenType-239]
+	_ = x[ErrParseExpected2TokenTypes-240]
+	_ = x[ErrParseExpectedNumber-241]
+	_ = x[ErrParseExpectedRightParenBuiltinFunctionCall-242]
+	_ = x[ErrParseExpectedTypeName-243]
+	_ = x[ErrParseExpectedWhenClause-244]
+	_ = x[ErrParseUnsupportedToken-245]
+	_ = x[ErrParseUnsupportedLiteralsGroupBy-246]
+	_ = x[ErrParseExpectedMember-247]
+	_ = x[ErrParseUnsupportedSelect-248]
+	_ = x[ErrParseUnsupportedCase-249]
+	_ = x[ErrParseUnsupportedCaseClause-250]
+	_ = x[ErrParseUnsupportedAlias-251]
+	_ = x[ErrParseUnsupportedSyntax-252]
+	_ = x[ErrParseUnknownOperator-253]
+	_ = x[ErrParseMissingIdentAfterAt-254]
+	_ = x[ErrParseUnexpectedOperator-255]
+	_ = x[ErrParseUnexpectedTerm-256]
+	_ = x[ErrParseUnexpectedToken-257]
+	_ = x[ErrParseUnexpectedKeyword-258]
+	_ = x[ErrParseExpectedExpression-259]
+	_ = x[ErrParseExpectedLeftParenAfterCast-260]
+	_ = x[ErrParseExpectedLeftParenValueConstructor-261]
+	_ = x[ErrParseExpectedLeftParenBuiltinFunctionCall-262]
+	_ = x[ErrParseExpectedArgumentDelimiter-263]
+	_ = x[ErrParseCastArity-264]
+	_ = x[ErrParseInvalidTypeParam-265]
+	_ = x[ErrParseEmptySelect-266]
+	_ = x[ErrParseSelectMissingFrom-267]
+	_ = x[ErrParseExpectedIdentForGroupName-268]
+	_ = x[ErrParseExpectedIdentForAlias-269]
+	_ = x[ErrParseUnsupportedCallWithStar-270]
+	_ = x[ErrParseNonUnaryAgregateFunctionCall-271]
+	_ = x[ErrParseMalformedJoin-272]
+	_ = x[ErrParseExpectedIdentForAt-273]
+	_ = x[ErrParseAsteriskIsNotAloneInSelectList-274]
+	_ = x[ErrParseCannotMixSqbAndWildcardInSelectList-275]
+	_ = x[ErrParseInvalidContextForWildcardInSelectList-276]
+	_ = x[ErrIncorrectSQLFunctionArgumentType-277]
+	_ = x[ErrValueParseFailure-278]
+	_ = x[ErrEvaluatorInvalidArguments-279]
+	_ = x[ErrIntegerOverflow-280]
+	_ = x[ErrLikeInvalidInputs-281]
+	_ = x[ErrCastFailed-282]
+	_ = x[ErrInvalidCast-283]
+	_ = x[ErrEvaluatorInvalidTimestampFormatPattern-284]
+	_ = x[ErrEvaluatorInvalidTimestampFormatPatternSymbolForParsing-285]
+	_ = x[ErrEvaluatorTimestampFormatPatternDuplicateFields-286]
+	_ = x[ErrEvaluatorTimestampFormatPatternHourClockAmPmMismatch-287]
+	_ = x[ErrEvaluatorUnterminatedTimestampFormatPatternToken-288]
+	_ = x[ErrEvaluatorInvalidTimestampFormatPatternToken-289]
+	_ = x[ErrEvaluatorInvalidTimestampFormatPatternSymbol-290]
+	_ = x[ErrEvaluatorBindingDoesNotExist-291]
+	_ = x[ErrMissingHeaders-292]
+	_ = x[ErrInvalidColumnIndex-293]
+	_ = x[ErrAdminConfigNotificationTargetsFailed-294]
+	_ = x[ErrAdminProfilerNotEnabled-295]
+	_ = x[ErrInvalidDecompressedSize-296]
+	_ = x[ErrAddUserInvalidArgument-297]
+	_ = x[ErrAdminResourceInvalidArgument-298]
+	_ = x[ErrAdminAccountNotEligible-299]
+	_ = x[ErrAccountNotEligible-300]
+	_ = x[ErrAdminServiceAccountNotFound-301]
+	_ = x[ErrPostPolicyConditionInvalidFormat-302]
+	_ = x[ErrInvalidChecksum-303]
 }
 
-const _APIErrorCode_name = "NoneAccessDeniedBadDigestEntityTooSmallEntityTooLargePolicyTooLargeIncompleteBodyInternalErrorInvalidAccessKeyIDAccessKeyDisabledInvalidBucketNameInvalidDigestInvalidRangeInvalidRangePartNumberInvalidCopyPartRangeInvalidCopyPartRangeSourceInvalidMaxKeysInvalidEncodingMethodInvalidMaxUploadsInvalidMaxPartsInvalidPartNumberMarkerInvalidPartNumberInvalidRequestBodyInvalidCopySourceInvalidMetadataDirectiveInvalidCopyDestInvalidPolicyDocumentInvalidObjectStateMalformedXMLMissingContentLengthMissingContentMD5MissingRequestBodyErrorMissingSecurityHeaderNoSuchBucketNoSuchBucketPolicyNoSuchBucketLifecycleNoSuchLifecycleConfigurationInvalidLifecycleWithObjectLockNoSuchBucketSSEConfigNoSuchCORSConfigurationNoSuchWebsiteConfigurationReplicationConfigurationNotFoundErrorRemoteDestinationNotFoundErrorReplicationDestinationMissingLockRemoteTargetNotFoundErrorReplicationRemoteConnectionErrorReplicationBandwidthLimitErrorBucketRemoteIdenticalToSourceBucketRemoteAlreadyExistsBucketRemoteLabelInUseBucketRemoteArnTypeInvalidBucketRemoteArnInvalidBucketRemoteRemoveDisallowedRemoteTargetNotVersionedErrorReplicationSourceNotVersionedErrorReplicationNeedsVersioningErrorReplicationBucketNeedsVersioningErrorReplicationDenyEditErrorReplicationNoExistingObjectsObjectRestoreAlreadyInProgressNoSuchKeyNoSuchUploadInvalidVersionIDNoSuchVersionNotImplementedPreconditionFailedRequestTimeTooSkewedSignatureDoesNotMatchMethodNotAllowedInvalidPartInvalidPartOrderAuthorizationHeaderMalformedMalformedPOSTRequestPOSTFileRequiredSignatureVersionNotSupportedBucketNotEmptyAllAccessDisabledPolicyInvalidVersionMissingFieldsMissingCredTagCredMalformedInvalidRegionInvalidServiceS3InvalidServiceSTSInvalidRequestVersionMissingSignTagMissingSignHeadersTagMalformedDateMalformedPresignedDateMalformedCredentialDateMalformedCredentialRegionMalformedExpiresNegativeExpiresAuthHeaderEmptyExpiredPresignRequestRequestNotReadyYetUnsignedHeadersMissingDateHeaderInvalidQuerySignatureAlgoInvalidQueryParamsBucketAlreadyOwnedByYouInvalidDurationBucketAlreadyExistsMetadataTooLargeUnsupportedMetadataMaximumExpiresSlowDownInvalidPrefixMarkerBadRequestKeyTooLongErrorInvalidBucketObjectLockConfigurationObjectLockConfigurationNotFoundObjectLockConfigurationNotAllowedNoSuchObjectLockConfigurationObjectLockedInvalidRetentionDatePastObjectLockRetainDateUnknownWORMModeDirectiveBucketTaggingNotFoundObjectLockInvalidHeadersInvalidTagDirectiveInvalidEncryptionMethodInvalidEncryptionKeyIDInsecureSSECustomerRequestSSEMultipartEncryptedSSEEncryptedObjectInvalidEncryptionParametersInvalidSSECustomerAlgorithmInvalidSSECustomerKeyMissingSSECustomerKeyMissingSSECustomerKeyMD5SSECustomerKeyMD5MismatchInvalidSSECustomerParametersIncompatibleEncryptionMethodKMSNotConfiguredKMSKeyNotFoundExceptionNoAccessKeyInvalidTokenEventNotificationARNNotificationRegionNotificationOverlappingFilterNotificationFilterNameInvalidFilterNamePrefixFilterNameSuffixFilterValueInvalidOverlappingConfigsUnsupportedNotificationContentSHA256MismatchContentChecksumMismatchReadQuorumWriteQuorumStorageFullRequestBodyParseObjectExistsAsDirectoryInvalidObjectNameInvalidObjectNamePrefixSlashInvalidResourceNameServerNotInitializedOperationTimedOutClientDisconnectedOperationMaxedOutInvalidRequestTransitionStorageClassNotFoundErrorInvalidStorageClassBackendDownMalformedJSONAdminNoSuchUserAdminNoSuchGroupAdminGroupNotEmptyAdminNoSuchJobAdminNoSuchPolicyAdminPolicyChangeAlreadyAppliedAdminInvalidArgumentAdminInvalidAccessKeyAdminInvalidSecretKeyAdminConfigNoQuorumAdminConfigTooLargeAdminConfigBadJSONAdminNoSuchConfigTargetAdminConfigEnvOverriddenAdminConfigDuplicateKeysAdminConfigInvalidIDPTypeAdminConfigLDAPValidationAdminConfigIDPCfgNameAlreadyExistsAdminConfigIDPCfgNameDoesNotExistAdminCredentialsMismatchInsecureClientRequestObjectTamperedSiteReplicationInvalidRequestSiteReplicationPeerRespSiteReplicationBackendIssueSiteReplicationServiceAccountErrorSiteReplicationBucketConfigErrorSiteReplicationBucketMetaErrorSiteReplicationIAMErrorSiteReplicationConfigMissingAdminRebalanceAlreadyStartedAdminRebalanceNotStartedAdminBucketQuotaExceededAdminNoSuchQuotaConfigurationHealNotImplementedHealNoSuchProcessHealInvalidClientTokenHealMissingBucketHealAlreadyRunningHealOverlappingPathsIncorrectContinuationTokenEmptyRequestBodyUnsupportedFunctionInvalidExpressionTypeBusyUnauthorizedAccessExpressionTooLongIllegalSQLFunctionArgumentInvalidKeyPathInvalidCompressionFormatInvalidFileHeaderInfoInvalidJSONTypeInvalidQuoteFieldsInvalidRequestParameterInvalidDataTypeInvalidTextEncodingInvalidDataSourceInvalidTableAliasMissingRequiredParameterObjectSerializationConflictUnsupportedSQLOperationUnsupportedSQLStructureUnsupportedSyntaxUnsupportedRangeHeaderLexerInvalidCharLexerInvalidOperatorLexerInvalidLiteralLexerInvalidIONLiteralParseExpectedDatePartParseExpectedKeywordParseExpectedTokenTypeParseExpected2TokenTypesParseExpectedNumberParseExpectedRightParenBuiltinFunctionCallParseExpectedTypeNameParseExpectedWhenClauseParseUnsupportedTokenParseUnsupportedLiteralsGroupByParseExpectedMemberParseUnsupportedSelectParseUnsupportedCaseParseUnsupportedCaseClauseParseUnsupportedAliasParseUnsupportedSyntaxParseUnknownOperatorParseMissingIdentAfterAtParseUnexpectedOperatorParseUnexpectedTermParseUnexpectedTokenParseUnexpectedKeywordParseExpectedExpressionParseExpectedLeftParenAfterCastParseExpectedLeftParenValueConstructorParseExpectedLeftParenBuiltinFunctionCallParseExpectedArgumentDelimiterParseCastArityParseInvalidTypeParamParseEmptySelectParseSelectMissingFromParseExpectedIdentForGroupNameParseExpectedIdentForAliasParseUnsupportedCallWithStarParseNonUnaryAgregateFunctionCallParseMalformedJoinParseExpectedIdentForAtParseAsteriskIsNotAloneInSelectListParseCannotMixSqbAndWildcardInSelectListParseInvalidContextForWildcardInSelectListIncorrectSQLFunctionArgumentTypeValueParseFailureEvaluatorInvalidArgumentsIntegerOverflowLikeInvalidInputsCastFailedInvalidCastEvaluatorInvalidTimestampFormatPatternEvaluatorInvalidTimestampFormatPatternSymbolForParsingEvaluatorTimestampFormatPatternDuplicateFieldsEvaluatorTimestampFormatPatternHourClockAmPmMismatchEvaluatorUnterminatedTimestampFormatPatternTokenEvaluatorInvalidTimestampFormatPatternTokenEvaluatorInvalidTimestampFormatPatternSymbolEvaluatorBindingDoesNotExistMissingHeadersInvalidColumnIndexAdminConfigNotificationTargetsFailedAdminProfilerNotEnabledInvalidDecompressedSizeAddUserInvalidArgumentAdminResourceInvalidArgumentAdminAccountNotEligibleAccountNotEligibleAdminServiceAccountNotFoundPostPolicyConditionInvalidFormatInvalidChecksum"
+const _APIErrorCode_name = "NoneAccessDeniedBadDigestEntityTooSmallEntityTooLargePolicyTooLargeIncompleteBodyInternalErrorInvalidAccessKeyIDAccessKeyDisabledInvalidBucketNameInvalidDigestInvalidRangeInvalidRangePartNumberInvalidCopyPartRangeInvalidCopyPartRangeSourceInvalidMaxKeysInvalidEncodingMethodInvalidMaxUploadsInvalidMaxPartsInvalidPartNumberMarkerInvalidPartNumberInvalidRequestBodyInvalidCopySourceInvalidMetadataDirectiveInvalidCopyDestInvalidPolicyDocumentInvalidObjectStateMalformedXMLMissingContentLengthMissingContentMD5MissingRequestBodyErrorMissingSecurityHeaderNoSuchBucketNoSuchBucketPolicyNoSuchBucketLifecycleNoSuchLifecycleConfigurationInvalidLifecycleWithObjectLockNoSuchBucketSSEConfigNoSuchCORSConfigurationNoSuchWebsiteConfigurationReplicationConfigurationNotFoundErrorRemoteDestinationNotFoundErrorReplicationDestinationMissingLockRemoteTargetNotFoundErrorReplicationRemoteConnectionErrorReplicationBandwidthLimitErrorBucketRemoteIdenticalToSourceBucketRemoteAlreadyExistsBucketRemoteLabelInUseBucketRemoteArnTypeInvalidBucketRemoteArnInvalidBucketRemoteRemoveDisallowedRemoteTargetNotVersionedErrorReplicationSourceNotVersionedErrorReplicationNeedsVersioningErrorReplicationBucketNeedsVersioningErrorReplicationDenyEditErrorReplicationNoExistingObjectsObjectRestoreAlreadyInProgressNoSuchKeyNoSuchUploadInvalidVersionIDNoSuchVersionNotImplementedPreconditionFailedRequestTimeTooSkewedSignatureDoesNotMatchMethodNotAllowedInvalidPartInvalidPartOrderAuthorizationHeaderMalformedMalformedPOSTRequestPOSTFileRequiredSignatureVersionNotSupportedBucketNotEmptyAllAccessDisabledPolicyInvalidVersionMissingFieldsMissingCredTagCredMalformedInvalidRegionInvalidServiceS3InvalidServiceSTSInvalidRequestVersionMissingSignTagMissingSignHeadersTagMalformedDateMalformedPresignedDateMalformedCredentialDateMalformedCredentialRegionMalformedExpiresNegativeExpiresAuthHeaderEmptyExpiredPresignRequestRequestNotReadyYetUnsignedHeadersMissingDateHeaderInvalidQuerySignatureAlgoInvalidQueryParamsBucketAlreadyOwnedByYouInvalidDurationBucketAlreadyExistsMetadataTooLargeUnsupportedMetadataMaximumExpiresSlowDownInvalidPrefixMarkerBadRequestKeyTooLongErrorInvalidBucketObjectLockConfigurationObjectLockConfigurationNotFoundObjectLockConfigurationNotAllowedNoSuchObjectLockConfigurationObjectLockedInvalidRetentionDatePastObjectLockRetainDateUnknownWORMModeDirectiveBucketTaggingNotFoundObjectLockInvalidHeadersInvalidTagDirectivePolicyAlreadyAttachedPolicyNotAttachedInvalidEncryptionMethodInvalidEncryptionKeyIDInsecureSSECustomerRequestSSEMultipartEncryptedSSEEncryptedObjectInvalidEncryptionParametersInvalidSSECustomerAlgorithmInvalidSSECustomerKeyMissingSSECustomerKeyMissingSSECustomerKeyMD5SSECustomerKeyMD5MismatchInvalidSSECustomerParametersIncompatibleEncryptionMethodKMSNotConfiguredKMSKeyNotFoundExceptionNoAccessKeyInvalidTokenEventNotificationARNNotificationRegionNotificationOverlappingFilterNotificationFilterNameInvalidFilterNamePrefixFilterNameSuffixFilterValueInvalidOverlappingConfigsUnsupportedNotificationContentSHA256MismatchContentChecksumMismatchReadQuorumWriteQuorumStorageFullRequestBodyParseObjectExistsAsDirectoryInvalidObjectNameInvalidObjectNamePrefixSlashInvalidResourceNameServerNotInitializedOperationTimedOutClientDisconnectedOperationMaxedOutInvalidRequestTransitionStorageClassNotFoundErrorInvalidStorageClassBackendDownMalformedJSONAdminNoSuchUserAdminNoSuchGroupAdminGroupNotEmptyAdminNoSuchJobAdminNoSuchPolicyAdminPolicyChangeAlreadyAppliedAdminInvalidArgumentAdminInvalidAccessKeyAdminInvalidSecretKeyAdminConfigNoQuorumAdminConfigTooLargeAdminConfigBadJSONAdminNoSuchConfigTargetAdminConfigEnvOverriddenAdminConfigDuplicateKeysAdminConfigInvalidIDPTypeAdminConfigLDAPValidationAdminConfigIDPCfgNameAlreadyExistsAdminConfigIDPCfgNameDoesNotExistAdminCredentialsMismatchInsecureClientRequestObjectTamperedSiteReplicationInvalidRequestSiteReplicationPeerRespSiteReplicationBackendIssueSiteReplicationServiceAccountErrorSiteReplicationBucketConfigErrorSiteReplicationBucketMetaErrorSiteReplicationIAMErrorSiteReplicationConfigMissingAdminRebalanceAlreadyStartedAdminRebalanceNotStartedAdminBucketQuotaExceededAdminNoSuchQuotaConfigurationHealNotImplementedHealNoSuchProcessHealInvalidClientTokenHealMissingBucketHealAlreadyRunningHealOverlappingPathsIncorrectContinuationTokenEmptyRequestBodyUnsupportedFunctionInvalidExpressionTypeBusyUnauthorizedAccessExpressionTooLongIllegalSQLFunctionArgumentInvalidKeyPathInvalidCompressionFormatInvalidFileHeaderInfoInvalidJSONTypeInvalidQuoteFieldsInvalidRequestParameterInvalidDataTypeInvalidTextEncodingInvalidDataSourceInvalidTableAliasMissingRequiredParameterObjectSerializationConflictUnsupportedSQLOperationUnsupportedSQLStructureUnsupportedSyntaxUnsupportedRangeHeaderLexerInvalidCharLexerInvalidOperatorLexerInvalidLiteralLexerInvalidIONLiteralParseExpectedDatePartParseExpectedKeywordParseExpectedTokenTypeParseExpected2TokenTypesParseExpectedNumberParseExpectedRightParenBuiltinFunctionCallParseExpectedTypeNameParseExpectedWhenClauseParseUnsupportedTokenParseUnsupportedLiteralsGroupByParseExpectedMemberParseUnsupportedSelectParseUnsupportedCaseParseUnsupportedCaseClauseParseUnsupportedAliasParseUnsupportedSyntaxParseUnknownOperatorParseMissingIdentAfterAtParseUnexpectedOperatorParseUnexpectedTermParseUnexpectedTokenParseUnexpectedKeywordParseExpectedExpressionParseExpectedLeftParenAfterCastParseExpectedLeftParenValueConstructorParseExpectedLeftParenBuiltinFunctionCallParseExpectedArgumentDelimiterParseCastArityParseInvalidTypeParamParseEmptySelectParseSelectMissingFromParseExpectedIdentForGroupNameParseExpectedIdentForAliasParseUnsupportedCallWithStarParseNonUnaryAgregateFunctionCallParseMalformedJoinParseExpectedIdentForAtParseAsteriskIsNotAloneInSelectListParseCannotMixSqbAndWildcardInSelectListParseInvalidContextForWildcardInSelectListIncorrectSQLFunctionArgumentTypeValueParseFailureEvaluatorInvalidArgumentsIntegerOverflowLikeInvalidInputsCastFailedInvalidCastEvaluatorInvalidTimestampFormatPatternEvaluatorInvalidTimestampFormatPatternSymbolForParsingEvaluatorTimestampFormatPatternDuplicateFieldsEvaluatorTimestampFormatPatternHourClockAmPmMismatchEvaluatorUnterminatedTimestampFormatPatternTokenEvaluatorInvalidTimestampFormatPatternTokenEvaluatorInvalidTimestampFormatPatternSymbolEvaluatorBindingDoesNotExistMissingHeadersInvalidColumnIndexAdminConfigNotificationTargetsFailedAdminProfilerNotEnabledInvalidDecompressedSizeAddUserInvalidArgumentAdminResourceInvalidArgumentAdminAccountNotEligibleAccountNotEligibleAdminServiceAccountNotFoundPostPolicyConditionInvalidFormatInvalidChecksum"
 
-var _APIErrorCode_index = [...]uint16{0, 4, 16, 25, 39, 53, 67, 81, 94, 112, 129, 146, 159, 171, 193, 213, 239, 253, 274, 291, 306, 329, 346, 364, 381, 405, 420, 441, 459, 471, 491, 508, 531, 552, 564, 582, 603, 631, 661, 682, 705, 731, 768, 798, 831, 856, 888, 918, 947, 972, 994, 1020, 1042, 1070, 1099, 1133, 1164, 1201, 1225, 1253, 1283, 1292, 1304, 1320, 1333, 1347, 1365, 1385, 1406, 1422, 1433, 1449, 1477, 1497, 1513, 1541, 1555, 1572, 1592, 1605, 1619, 1632, 1645, 1661, 1678, 1699, 1713, 1734, 1747, 1769, 1792, 1817, 1833, 1848, 1863, 1884, 1902, 1917, 1934, 1959, 1977, 2000, 2015, 2034, 2050, 2069, 2083, 2091, 2110, 2120, 2135, 2171, 2202, 2235, 2264, 2276, 2296, 2320, 2344, 2365, 2389, 2408, 2431, 2453, 2479, 2500, 2518, 2545, 2572, 2593, 2614, 2638, 2663, 2691, 2719, 2735, 2758, 2769, 2781, 2798, 2813, 2831, 2860, 2877, 2893, 2909, 2927, 2945, 2968, 2989, 3012, 3022, 3033, 3044, 3060, 3083, 3100, 3128, 3147, 3167, 3184, 3202, 3219, 3233, 3268, 3287, 3298, 3311, 3326, 3342, 3360, 3374, 3391, 3422, 3442, 3463, 3484, 3503, 3522, 3540, 3563, 3587, 3611, 3636, 3661, 3695, 3728, 3752, 3773, 3787, 3816, 3839, 3866, 3900, 3932, 3962, 3985, 4013, 4041, 4065, 4089, 4118, 4136, 4153, 4175, 4192, 4210, 4230, 4256, 4272, 4291, 4312, 4316, 4334, 4351, 4377, 4391, 4415, 4436, 4451, 4469, 4492, 4507, 4526, 4543, 4560, 4584, 4611, 4634, 4657, 4674, 4696, 4712, 4732, 4751, 4773, 4794, 4814, 4836, 4860, 4879, 4921, 4942, 4965, 4986, 5017, 5036, 5058, 5078, 5104, 5125, 5147, 5167, 5191, 5214, 5233, 5253, 5275, 5298, 5329, 5367, 5408, 5438, 5452, 5473, 5489, 5511, 5541, 5567, 5595, 5628, 5646, 5669, 5704, 5744, 5786, 5818, 5835, 5860, 5875, 5892, 5902, 5913, 5951, 6005, 6051, 6103, 6151, 6194, 6238, 6266, 6280, 6298, 6334, 6357, 6380, 6402, 6430, 6453, 6471, 6498, 6530, 6545}
+var _APIErrorCode_index = [...]uint16{0, 4, 16, 25, 39, 53, 67, 81, 94, 112, 129, 146, 159, 171, 193, 213, 239, 253, 274, 291, 306, 329, 346, 364, 381, 405, 420, 441, 459, 471, 491, 508, 531, 552, 564, 582, 603, 631, 661, 682, 705, 731, 768, 798, 831, 856, 888, 918, 947, 972, 994, 1020, 1042, 1070, 1099, 1133, 1164, 1201, 1225, 1253, 1283, 1292, 1304, 1320, 1333, 1347, 1365, 1385, 1406, 1422, 1433, 1449, 1477, 1497, 1513, 1541, 1555, 1572, 1592, 1605, 1619, 1632, 1645, 1661, 1678, 1699, 1713, 1734, 1747, 1769, 1792, 1817, 1833, 1848, 1863, 1884, 1902, 1917, 1934, 1959, 1977, 2000, 2015, 2034, 2050, 2069, 2083, 2091, 2110, 2120, 2135, 2171, 2202, 2235, 2264, 2276, 2296, 2320, 2344, 2365, 2389, 2408, 2429, 2446, 2469, 2491, 2517, 2538, 2556, 2583, 2610, 2631, 2652, 2676, 2701, 2729, 2757, 2773, 2796, 2807, 2819, 2836, 2851, 2869, 2898, 2915, 2931, 2947, 2965, 2983, 3006, 3027, 3050, 3060, 3071, 3082, 3098, 3121, 3138, 3166, 3185, 3205, 3222, 3240, 3257, 3271, 3306, 3325, 3336, 3349, 3364, 3380, 3398, 3412, 3429, 3460, 3480, 3501, 3522, 3541, 3560, 3578, 3601, 3625, 3649, 3674, 3699, 3733, 3766, 3790, 3811, 3825, 3854, 3877, 3904, 3938, 3970, 4000, 4023, 4051, 4079, 4103, 4127, 4156, 4174, 4191, 4213, 4230, 4248, 4268, 4294, 4310, 4329, 4350, 4354, 4372, 4389, 4415, 4429, 4453, 4474, 4489, 4507, 4530, 4545, 4564, 4581, 4598, 4622, 4649, 4672, 4695, 4712, 4734, 4750, 4770, 4789, 4811, 4832, 4852, 4874, 4898, 4917, 4959, 4980, 5003, 5024, 5055, 5074, 5096, 5116, 5142, 5163, 5185, 5205, 5229, 5252, 5271, 5291, 5313, 5336, 5367, 5405, 5446, 5476, 5490, 5511, 5527, 5549, 5579, 5605, 5633, 5666, 5684, 5707, 5742, 5782, 5824, 5856, 5873, 5898, 5913, 5930, 5940, 5951, 5989, 6043, 6089, 6141, 6189, 6232, 6276, 6304, 6318, 6336, 6372, 6395, 6418, 6440, 6468, 6491, 6509, 6536, 6568, 6583}
 
 func (i APIErrorCode) String() string {
 	if i < 0 || i >= APIErrorCode(len(_APIErrorCode_index)-1) {
diff --git a/cmd/iam-store.go b/cmd/iam-store.go
index 382d25c01..9a2084ab3 100644
--- a/cmd/iam-store.go
+++ b/cmd/iam-store.go
@@ -1552,6 +1552,23 @@ func (store *IAMStoreSys) GetUserInfo(name string) (u madmin.UserInfo, err error
 	}, nil
 }
 
+// GetUserPolicies - returns the policies attached to a user.
+func (store *IAMStoreSys) GetUserPolicies(name string) ([]string, error) {
+	if name == "" {
+		return nil, errInvalidArgument
+	}
+
+	cache := store.rlock()
+	defer store.runlock()
+
+	if cache.iamUserPolicyMap[name].Policies == "" {
+		return []string{}, nil
+	}
+
+	policies := cache.iamUserPolicyMap[name].toSlice()
+	return policies, nil
+}
+
 // PolicyMappingNotificationHandler - handles updating a policy mapping from storage.
 func (store *IAMStoreSys) PolicyMappingNotificationHandler(ctx context.Context, userOrGroup string, isGroup bool, userType IAMUserType) error {
 	if userOrGroup == "" {
diff --git a/cmd/iam.go b/cmd/iam.go
index 1a43e24f0..9aa470c11 100644
--- a/cmd/iam.go
+++ b/cmd/iam.go
@@ -857,6 +857,15 @@ func (sys *IAMSys) GetUserInfo(ctx context.Context, name string) (u madmin.UserI
 	return sys.store.GetUserInfo(name)
 }
 
+// GetUserPolicies - get policies attached to a user.
+func (sys *IAMSys) GetUserPolicies(name string) (p []string, err error) {
+	if !sys.Initialized() {
+		return p, errServerNotInitialized
+	}
+
+	return sys.store.GetUserPolicies(name)
+}
+
 // SetUserStatus - sets current user status, supports disabled or enabled.
 func (sys *IAMSys) SetUserStatus(ctx context.Context, accessKey string, status madmin.AccountStatus) (updatedAt time.Time, err error) {
 	if !sys.Initialized() {