cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Nalley <>
Subject Re: [Proposal] Ability to retrieve user data via Admin API - 4.4
Date Mon, 13 Jan 2014 21:55:04 GMT
On Mon, Jan 13, 2014 at 12:56 PM, Alena Prokharchyk
<> wrote:
> I would like to propose to introduce API (Admin only, 4.4) that returns user data to
the admin. Current UserData behavior:
>  * userData is passed to the deployVm/updateVm call
>  * its stored in CS db and on the VR
>  * the only one way to retrieve the data, is to request it from the user vm inside the
network by sending http request to the Virtual Router.
>  We've adopted this model from Amazon EC2 APIs. But along the way I've noticed that some
third party integrators needed to read UserData by Admin to get the information about all
vms in the system/network. To solve the problem, people were using different kinds of workarounds
- db scripts to read userData from cloudstack DB, or writing CS API extensions:
> So the API I'm proposing, will let you to retrieve User Data via Admin API. It will be
available to Root admin only.
> If anyone has any objection, or see the flaws in the proposal, please signal.
> -Alena.

Why make this root admin-only? Why shouldn't the user be able to see
their own instances user-data?

While the ability to see user-data is compelling; limiting it to
root-admin only is much less desirable IMO.


View raw message