Created tags are not deleted whenever a public IP is disassociated #6620
Description
ISSUE TYPE
- Bug Report
COMPONENT NAME
Core
CLOUDSTACK VERSION
4.17.0.0
CONFIGURATION
N/A
OS / ENVIRONMENT
N/A
SUMMARY
Created tags are not deleted when the user releases an public IP address. If the public IP is then assigned to another user, it will still contain all the previous tags. This interferes with automation tools that expect a clean resource, and could allow other accounts to access potentially sensitive metadata.
I understand that in some cases this would be considered a feature, however this makes it unusable to provide shared IP pools that could be used by several accounts. (at least while the permission to edit tags is granted)
STEPS TO REPRODUCE
# using cmk
associate ipaddress domainid=[...] networkid=[...] vpcid=[...]
[...]
list tags resourcetype=publicipaddress resourceid=86b1b359-1879-488b-ba9c-772cceeb6908 listall=true
create tags resourcetype=publicipaddress resourceids=86b1b359-1879-488b-ba9c-772cceeb6908 tags[0].key=somekey tags[0].value=somevalue
success = true
list tags resourcetype=publicipaddress resourceid=86b1b359-1879-488b-ba9c-772cceeb6908 listall=true
count = 1
tag:
domain = XXX
key = somekey
value = somevalue
resourcetype = PublicIpAddress
resourceid = 86b1b359-1879-488b-ba9c-772cceeb6908
account = XXX
domainid =XXX
disassociate ipaddress id=86b1b359-1879-488b-ba9c-772cceeb6908
success = true
list tags resourcetype=publicipaddress resourceid=86b1b359-1879-488b-ba9c-772cceeb6908 listall=true
count = 1
tag:
domain = XXX
key = somekey
value = somevalue
resourcetype = PublicIpAddress
resourceid = 86b1b359-1879-488b-ba9c-772cceeb6908
account = XXX
domainid =XXX
EXPECTED RESULTS
Expected the tags to be removed when the IP is disassociated (freed)
ACTUAL RESULTS
Tags are still present, and will continue to exist until they are deleted manually via "deleteTags"