
MinIO policy remains intact on bucket deletion #12173

@rkozello

Description

problem

When account A deletes a MinIO bucket from the CloudStack web UI, the MinIO policy for the special MinIO user's access to this bucket remains intact. If (when) account B creates a bucket with the same name, account A may get access to it using the saved Access + Secret Keys and any S3 utility.
Remediation: delete the MinIO policy providing access to the specific bucket on bucket deletion.

versions

CloudStack v4.22

The steps to reproduce the bug

  1. Log in to the web UI as user/account A
  2. Create S3 bucket 'test'
  3. Save the access credentials (Access Key, Secret Key, URL without the final bucket path)
  4. Delete bucket 'test'
  5. Log in to the web UI as user/account B
  6. Create S3 bucket 'test'
  7. Using the bucket browser, upload some file to the bucket
  8. Create an mc alias for user A with 'mc alias set userA-test $URL $Access_Key $Secret_Key'
  9. Check the bucket contents with 'mc ls userA-test/test'
    ...

What to do about it?

Modify the code to delete the access policy on bucket deletion
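A worked model of the lifecycle the report describes, added here as an illustration; it is not CloudStack's or MinIO's code. The layout it assumes (one MinIO user per account, one canned policy per bucket named `<account>-<bucket>`, the `accountA`/`accountB` names and the `ObjectStore`, `reproduce` and `stale_policies` helpers) is made up for the example. It runs the nine reproduction steps in memory twice, without and with the requested remediation, and also shows why a name-based audit for dangling policies only works in the window between the deletion and the re-creation:

```python
import re

# Model of the per-bucket policy lifecycle from the report. The object-store
# layout (one MinIO user per account, one canned policy per bucket, named
# "<account>-<bucket>") is an assumption made for illustration, not the
# CloudStack plugin's actual implementation.

BUCKET_ARN = re.compile(r"^arn:aws:s3:::([^/*]+)(?:/.*)?$")


def bucket_policy(bucket: str) -> dict:
    """Minimal read/write policy scoped to one bucket (constructed sample)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
            "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
        }],
    }


def buckets_in_policy(policy: dict) -> set[str]:
    """Bucket names referenced by a policy's Resource ARNs (wildcard-only ARNs ignored)."""
    names = set()
    for stmt in policy.get("Statement", []):
        resources = stmt.get("Resource", [])
        if isinstance(resources, str):
            resources = [resources]
        for arn in resources:
            m = BUCKET_ARN.match(arn)
            if m:
                names.add(m.group(1))
    return names


def stale_policies(policies: dict[str, dict], existing: set[str]) -> dict[str, set[str]]:
    """Policies that still grant access to buckets that no longer exist."""
    stale = {}
    for name, doc in policies.items():
        missing = buckets_in_policy(doc) - existing
        if missing:
            stale[name] = missing
    return stale


class ObjectStore:
    """Buckets, canned policies and user->policy attachments, kept in memory."""

    def __init__(self, cleanup_policy_on_delete: bool):
        self.cleanup = cleanup_policy_on_delete
        self.buckets: dict[str, str] = {}          # bucket -> owning account
        self.policies: dict[str, dict] = {}        # policy name -> document
        self.attached: dict[str, set[str]] = {}    # account (MinIO user) -> policy names

    def create_bucket(self, account: str, bucket: str) -> None:
        if bucket in self.buckets:
            raise ValueError(f"bucket {bucket!r} already exists")
        self.buckets[bucket] = account
        name = f"{account}-{bucket}"
        self.policies[name] = bucket_policy(bucket)
        self.attached.setdefault(account, set()).add(name)

    def delete_bucket(self, account: str, bucket: str) -> None:
        if self.buckets.get(bucket) != account:
            raise PermissionError(f"{account} does not own {bucket!r}")
        del self.buckets[bucket]
        if self.cleanup:  # the requested remediation: drop the policy with the bucket
            name = f"{account}-{bucket}"
            self.policies.pop(name, None)
            self.attached.get(account, set()).discard(name)

    def can_list(self, account: str, bucket: str) -> bool:
        """Would `mc ls <alias>/<bucket>` succeed with this account's saved keys?"""
        if bucket not in self.buckets:
            return False
        return any(bucket in buckets_in_policy(self.policies[p])
                   for p in self.attached.get(account, ()))


def reproduce(cleanup_policy_on_delete: bool) -> dict:
    """Steps 1-9 of the report; returns what each stage observes."""
    store = ObjectStore(cleanup_policy_on_delete)
    store.create_bucket("accountA", "test")
    store.delete_bucket("accountA", "test")
    # Name-based audit between deletion and re-creation: the dangling policy is visible
    stale_before = stale_policies(store.policies, set(store.buckets))
    store.create_bucket("accountB", "test")
    # ... but once B re-creates 'test' the same audit goes blind
    stale_after = stale_policies(store.policies, set(store.buckets))
    return {
        "stale_before_recreate": sorted(stale_before),
        "stale_after_recreate": sorted(stale_after),
        "accountA_can_list_B_bucket": store.can_list("accountA", "test"),
    }


if __name__ == "__main__":
    print("without cleanup:", reproduce(False))
    print("with cleanup:   ", reproduce(True))
```

In the unfixed run `accountA` can still list `accountB`'s new `test` bucket, and the leftover policy is only reported while no bucket named `test` exists; once account B re-creates it, the policy again references a live bucket and a scan comparing policy ARNs against existing buckets sees nothing wrong. That is why the policy has to be removed at deletion time (or tied to the owning account rather than to the bucket name alone) instead of being cleaned up by a later sweep.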
