I would like to get some feedback for a proposed addition of a feature that  
would allow “Hidden” configuration items to be returned from the  
listConfigurations endpoint.

1) There will be a new optional parameter for listConfigurations called
showhidden.  Defaults to false.  Existing behavior is preserved unless
showhidden is set to true.

2) There is a new configuration item, com.cloud.allowshowhidden, which
defaults to false.  This must be set to true in order for showhidden to be
allowed.  If showhidden=true is passed and com.cloud.allowshowhidden=false,
an InvalidParameterValueException is thrown.

So the web UI would still hide hidden configuration items regardless of the  
state of com.cloud.allowshowhidden since it will not be passing  
showhidden=true.  The main value of this would be from API implementations  
/ middleware, which is what our front-end talks to instead of directly to  
CloudStack management server.

Obviously there is an explicit reason hidden configuration items are not  
displayed via the API at present.  The Hidden configuration items contain  
some very sensitive data, such as private keys etc.  I would like to submit  
a pull request that would make sense to everyone and still be secure by  
default and not open up Pandora’s box so to speak.  I have this working in
our lab, but I wanted to get a bit of feedback before submitting a PR.

So several questions:

1) Would it make sense for com.cloud.allowshowhidden to be a “Hidden”
configuration item?  The upside of this is that you could not toggle this
value from the API.  Marking it hidden means that a rogue root admin API
key holder could not grant themselves more access.  The downside is that
I’m not sure how to easily change this value outside of manually going into
the database and changing it, and one should hope that root admin API key
holders are well trusted.  Currently I have this implemented as an
“Advanced” configuration item.

2) I picked com.cloud.allowshowhidden out of my hat.  Is there a more  
appropriate name that I should use?
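
The following is an added example, not part of the original message and not CloudStack code: a simplified Python model of the proposed two-part gate, used to compare the two options in question 1. The `ConfigStore` class, the `example.*` item names, their values, and the rule that Hidden items cannot be updated through the API (taken from the statement in the message) are assumptions of the model.

```python
# Simplified model of the proposal; NOT CloudStack code. Item rows are constructed.
class InvalidParameterValueException(Exception):
    """Stand-in for the exception named in the message."""

GATE = "com.cloud.allowshowhidden"

class ConfigStore:
    def __init__(self, gate_category="Advanced"):
        # name -> [category, value]; sample rows constructed for this example
        self.items = {
            "example.visible.setting": ["Advanced", "10"],
            "example.secret.key": ["Hidden", "<placeholder-private-key>"],
            GATE: [gate_category, "false"],
        }

    def update_configuration(self, name, value):
        # Assumption from the message: Hidden items cannot be toggled via the API.
        if self.items[name][0] == "Hidden":
            raise InvalidParameterValueException(f"{name} is not editable via the API")
        self.items[name][1] = value

    def list_configurations(self, showhidden=False):
        # Default call keeps existing behavior: Hidden items are filtered out.
        if showhidden and self.items[GATE][1] != "true":
            raise InvalidParameterValueException(f"showhidden requires {GATE}=true")
        return sorted(name for name, (category, _) in self.items.items()
                      if showhidden or category != "Hidden")

def can_self_escalate(gate_category):
    """True if an API key holder alone can flip the gate, then list Hidden items."""
    store = ConfigStore(gate_category)
    try:
        store.update_configuration(GATE, "true")
        return "example.secret.key" in store.list_configurations(showhidden=True)
    except InvalidParameterValueException:
        return False

if __name__ == "__main__":
    for category in ("Advanced", "Hidden"):
        print(category, "gate -> self-escalation possible:", can_self_escalate(category))
```

In this model an “Advanced” gate can be flipped by the same API key that then requests showhidden=true, while a “Hidden” gate requires an out-of-band change such as the database edit mentioned in the message.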
