d59e41fb3c
A new microversion 3.70 adds the ability to transfer a volume's encryption key when transferring a volume to another project. When the volume transfer is initiated, the volume's encryption secret is essentially transferred to the cinder service. - The cinder service creates a new encryption_key_id that contains a copy of the volume's encryption secret. - The volume (and its snapshots) is updated with the new encryption_key_id (the one owned by the cinder service). - The volume's original encryption_key_id (owned by the volume's owner) is deleted. When the transfer is accepted, the secret is transferred to the user accepting the transfer. - A new encryption_key_id is generated on behalf of the new user that contains a copy of the volume's encryption secret. - The volume (and its snapshots) is updated with the new encryption_key_id (the one owned by the user). - The intermediate encryption_key_id owned by the cinder service is deleted. When a transfer is cancelled (deleted), the same process is used to transfer ownship back to the user that cancelled the transfer. Implements: blueprint transfer-encrypted-volume Change-Id: I459f06504e90025c9c0b539981d3d56a2a9394c7
29 lines
768 B
JSON
29 lines
768 B
JSON
{
|
|
"versions": [
|
|
{
|
|
"id": "v3.0",
|
|
"links": [
|
|
{
|
|
"href": "https://docs.openstack.org/",
|
|
"rel": "describedby",
|
|
"type": "text/html"
|
|
},
|
|
{
|
|
"href": "http://127.0.0.1:44895/v3/",
|
|
"rel": "self"
|
|
}
|
|
],
|
|
"media-types": [
|
|
{
|
|
"base": "application/json",
|
|
"type": "application/vnd.openstack.volume+json;version=3"
|
|
}
|
|
],
|
|
"min_version": "3.0",
|
|
"status": "CURRENT",
|
|
"updated": "2022-08-31T00:00:00Z",
|
|
"version": "3.70"
|
|
}
|
|
]
|
|
}
|