Buckets setup/policy

[ctengel]

• Part of this basically ended up being documented as part of #5 since we need a basic bucket to just get started
• More automation should be added here
• we should also look into https://stackoverflow.com/questions/42616518/minio-hows-bucket-policy-related-to-anonymous-authorized-access for benefit of #22 - basically we may use readonly

[ctengel]

Buckets should have names like category-YYYYMMDD

• The category name then essentially maps to bucket that is provided by the client
• The date is basically when this bucket is created
• The bucket name is the same on different clusters where it is replicated to
• Whenever a "cap and grow" is done, that would be same category, new date

Policy needs to be documented/automated

Biggest question is whether to enable downloads or not etc

[ctengel]

Based on the great success of #22 , adding anonymous permissions does not seem to be needed, and quite honestly seems to be an unnecessary risk since in many cases the minio systems may be connected directly to a semi-public network.

Instead, just need to ensure that the OI API has read only credentials to the bucket that can be used to presign URLs as needed. Then, OI itself is really the gatekeeper via #14 authentication.

For the purpose of this issue, automation to create buckets and users with access is all that is needed.

[ctengel]

Once automation is tested this may be closed