There are currently two types of properties in the Image Service: "core properties," which are defined by the system, and "additional properties," which are arbitrary key/value pairs that can be set on an image.
Any such property can be protected
through configuration. When you put protections on a property, it
limits the users who can perform CRUD operations on the property
based on their user role. The use case is to enable the cloud
provider to maintain extra properties on images. Typically this
would be performed by an administrator who has access to protected
properties, managed in the policy.json
file.
The extra property could be licensing information or billing information,
for example.
Properties that don't have protections defined for them will act as they do now: the administrator can control core properties, with the image owner having control over additional properties.
Property protection can be set in
/etc/glance/property-protections.conf
, using
roles found in policy.json
.