Disallow unmanage for encrypted volumes
Bug #1731518 reported by
Eric Harney
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
High
|
Eric Harney |
Bug Description
Unmanaging an encrypted volume is currently a hazardous operation: Cinder unmanages the volume, but deletes the encryption key for the volume from Barbican, rendering it useless. This would result in data loss for a user expecting unmanage to be a "safe" operation, as it is with unencrypted volumes.
This scheme may have made sense when only using the conf key manager, but doesn't in a deployment with Barbican.
We should block unmanage operations for encrypted volumes, and only allow regular deletions.
https:/
(I have not tested this behavior, just noticed while auditing the code.)
Changed in cinder: | |
assignee: | nobody → Eric Harney (eharney) |
importance: | Undecided → High |
Changed in cinder: | |
status: | New → Confirmed |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/523522
Review: https:/