The cloud-init side of this is is available on Ubuntu 23.04+. Older releases will not see this functionality as to not break backwards compatibility.
Change landed in https://github.com/canonical/cloud-init/pull/1891 . ** Changed in: cloud-init Status: Triaged => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to cloud-init. https://bugs.launchpad.net/bugs/1981646 Title: network v2: do not render world-readable netplan when wifi or auth config contains sensitive passwords Status in cloud-init: Fix Released Status in netplan: Triaged Bug description: https://netplan.io/reference/ supports wifi password and auto client- key-password keys which should generally not be world-readable. But, when rendering passthrough V2 network configuration, cloud-init emits a single /etc/netplan/50-cloud-init.yaml file that is world readable. If network v2 config contains sensitive password keys it may make sense for cloud-init to either: 1. Make /etc/netplan/50-cloud-init.yaml only root-readable - OR - 2. Write a world-readable /etc/netplan/50-cloud-init.yaml containing all keys except wifis and auth and a root-readable /etc/netplan/50-cloud-init-sensitive.yaml which would contain any security sensitive config content. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-init/+bug/1981646/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
