On 9/24/2014 3:17 PM, Dean Troyer wrote: > On Wed, Sep 24, 2014 at 2:58 PM, Roman Podoliaka > <rpodolyaka at mirantis.com <mailto:rpodolyaka at mirantis.com>> wrote: > > Are there any known gotchas with support of this feature in REST APIs > (in general)? > > > I'd be worried about relying on a user-defined attribute in that use > case, that's ripe for a DOS. Since these are cloud-unique I wouldn't > even need to be in your project to block you from creating that clone > instance if I knew your UUID. > > dt > > -- > > Dean Troyer > dtroyer at gmail.com <mailto:dtroyer at gmail.com> > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > We talked about this a bit before approving the 'enforce-unique-instance-uuid-in-db' blueprint [1]. As far as we knew there was no one using null instance UUIDs or duplicates for that matter. The instance object already enforces that the UUID field is unique but the database schema doesn't. I'll be re-proposing that for Kilo when it opens up. If it's a matter of tagging an instance, there is also the tags blueprint [2] which will probably be proposed again for Kilo. [1] https://blueprints.launchpad.net/nova/+spec/enforce-unique-instance-uuid-in-db [2] https://blueprints.launchpad.net/nova/+spec/tag-instances -- Thanks, Matt Riedemann