From acbd671fcd3471637898c6b9f4a256cc2c9727b5 Mon Sep 17 00:00:00 2001 From: Tobias Wolf Date: Wed, 27 Mar 2024 13:42:41 +0100 Subject: [PATCH] Add description about conflicts with non-encrypted volume types This fixes a minor grammatical mistake as well Change-Id: I755106e7d379980e9a1a050a3debcccb37f53285 Signed-off-by: Tobias Wolf --- specs/{untargeted => 2024.2}/byok-for-cinder.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) rename specs/{untargeted => 2024.2}/byok-for-cinder.rst (95%) diff --git a/specs/untargeted/byok-for-cinder.rst b/specs/2024.2/byok-for-cinder.rst similarity index 95% rename from specs/untargeted/byok-for-cinder.rst rename to specs/2024.2/byok-for-cinder.rst index 138808cb..f9459552 100644 --- a/specs/untargeted/byok-for-cinder.rst +++ b/specs/2024.2/byok-for-cinder.rst @@ -28,7 +28,7 @@ Use Cases Proposed change =============== -Most peaces are already in place and do not to be changed for that feature to be implemented. The KeyManager implementation holds the key provided by the end user. +Most pieces are already in place and do not to be changed for that feature to be implemented. The KeyManager implementation holds the key provided by the end user. - The most visible change is to be able to provide an encryption key ID to create volume. - ``cinder.volume.volume_utils.clone_encryption_key()`` must be used to ensure keys can be deleted when the volume is deleted @@ -52,6 +52,7 @@ REST API impact * Normal http response code(s): 202 * New optional ``parameter encryption_key_id`` indicates which encryption key ID from the KeyManager implementation should be used * Maybe a new use of response code 409 may be needed if e.g. a encrypted snapshot volume should be copied with a different key + * 409 may be used to indicate if the volume type chosen does not support encryption at all as well, alternatively 400 is suitable in that case Security impact ---------------