glance/etc/schema-image.json
Cyril Roelandt b190a39a28 Delete secret key on image deletion
We add two extra properties for images:
- cinder_encryption_key_id, which stores the encryption key id;
- cinder_encryption_key_deletion_policy, which states whether the secret
  key should be deleted on image deletion.

This feature uses the Castellan key manager, and will therefore work
with all its supported backends.

Implements: blueprint barbican-secret-deletion-support
DocImpact

Change-Id: Iacd0b3785ad4cdd06961e6d11967775806e009ff
2019-09-05 03:16:39 +02:00

45 lines
2.1 KiB
JSON

{
"kernel_id": {
"type": ["null", "string"],
"pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
"description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image."
},
"ramdisk_id": {
"type": ["null", "string"],
"pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
"description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image."
},
"instance_uuid": {
"type": "string",
"description": "Metadata which can be used to record which instance this image is associated with. (Informational only, does not create an instance snapshot.)"
},
"architecture": {
"description": "Operating system architecture as specified in https://docs.openstack.org/python-glanceclient/latest/cli/property-keys.html",
"type": "string"
},
"os_distro": {
"description": "Common name of operating system distribution as specified in https://docs.openstack.org/python-glanceclient/latest/cli/property-keys.html",
"type": "string"
},
"os_version": {
"description": "Operating system version as specified by the distributor.",
"type": "string"
},
"description": {
"description": "A human-readable string describing this image.",
"type": "string"
},
"cinder_encryption_key_id": {
"description": "Identifier in the OpenStack Key Management Service for the encryption key for the Block Storage Service to use when mounting a volume created from this image",
"type": "string"
},
"cinder_encryption_key_deletion_policy": {
"description": "States the condition under which the Image Service will delete the object associated with the 'cinder_encryption_key_id' image property. If this property is missing, the Image Service will take no action",
"type": "string",
"enum": [
"on_image_deletion",
"do_not_delete"
]
}
}