Documentation work from the OpenStack Security Group (OSSG)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Julia Kreger abfaecb547 Update IRC references 3 weeks ago
case-studies Replace Chinese quotes to English quotes 3 years ago
common Updated from openstack-manuals 3 weeks ago
security-guide Update IRC references 3 weeks ago
security-notes OSSN-0089: Missing configuration option in Secure Live Migration guide 2 months ago
security-threat-analysis/source Switch to newer openstackdocstheme version 1 year ago
tools Update for openstack-doc-tools 2.0 2 years ago
.gitignore Adding documentation for security threat analysis 5 years ago
.gitreview OpenDev Migration Patch 2 years ago
.zuul.yaml Enable linter, update for python3 2 years ago
README.rst Update IRC references 3 weeks ago
bindep.txt Update bindep.txt 4 years ago
doc-tools-check-languages.conf Build tr_TR security-guide 4 years ago
test-requirements.txt Switch to newer openstackdocstheme version 1 year ago
tox.ini Enable linter, update for python3 2 years ago


Team and repository tags


OpenStack Security Documentation

This repository contains the OpenStack Security documentation.

For details on how to contribute to the documentation, see the OpenStack Documentation Contributor Guide.

It includes these manuals:

  • Security Guide
  • Security Notes
  • Security Threat Analysis

The Security Notes are published by the OpenStack Security Project (OSSP) to advise users of security related issues. For more information refer to the Security Notes and Security Note Process.

Security Advisories are issued by the Vulnerability Management Team (VMT). For more information about OpenStack's Vulnerability Management Team (VMT) refer to the Vulnerability Management Process.

Directory Structure

Security Guide is in the directory security-guide, which source files in RST format in the directory security-guide/source.

Security Threat Analysis is in the directory security-threat-analysis, which source files in RST format in the directory security-threat-analysis/source.

The security notes are in the directory security-notes.

Testing of changes and building of the guides

Install the python tox package and run tox from the top-level directory to use the same tests that are done as part of our Jenkins gating jobs.



Our community welcomes all people interested in open source cloud computing, and encourages you to join the OpenStack Foundation.

The best way to get involved with the community is to talk with others online or at a meet up and offer contributions through our processes, the OpenStack wiki, blogs, or on IRC at #openstack on

We welcome all types of contributions, from blueprint designs to documentation to testing to deployment scripts.

If you would like to contribute to the documents, please see the OpenStack Documentation contributor guide.


Bugs should be filed on Launchpad, not GitHub:


If you find a security issue in OpenStack, not in the contents of the Security Guide, please see How to Report Security Issues to OpenStack.

Release Notes


Refer to the OpenStack Security Guide to see where these documents are published and to learn more about the OpenStack Security Guide.