Comment 13 for bug 1736773

Gorka Eguileor (gorka) wrote :

From Cinder's point of view this is not a security risk, because the information provided can only contain user-specific credentials.

For drivers using system-wide credentials (i.e. Ceph) these must be provided off-band.

We understand a sysadmin may still not want to expose the internal network addressing to users and only allow Nova and Glance (when using Cinder as a backend) to access this information. For that reason the Cinder team will add a new attachment get policy for when Nova and Glance are able to use an admin user to make the requests or when we start using service roles.

It would be the responsibility of the deployment tool (or the sysadmin) to configure the different services to behave in the desired way.

Cinder backup may also need some changes to its code to support backups with restricted policies.