Instance metadata protection
The administrator of OpenStack may want to assign metadata to an instance to manage that instance.
For example, when a VM is being used by resources outside of OpenStack, they may want to add tags or metadata to indicate this.
However, since users also utilize instance metadata, the following issues arise:
- Users can overwrite those tags or metadata.
- If updates to tags or metadata are restricted in `policy.yaml`, users cannot use tags or metadata.
Therefore, I propose the following feature:
- Allow only specific roles to create, update, or delete certain tags and metadata keys specified in the configuration
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Tatsuya Hayashino
- Direction:
- Needs approval
- Assignee:
- Tatsuya Hayashino
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Repropose instance metadata protection
Gerrit topic: https:/