OpenStack Resource Types

OS::Aodh::CompositeAlarm

Available since 8.0.0 (Ocata)

A resource that implements Aodh composite alarm.

Allows to specify multiple rules when creating a composite alarm, and the rules combined with logical operators: and, or.

Required Properties

composite_rule
Composite threshold rules in JSON format.
Map value expected.
Can be updated without replacement.
Map properties:
operator
Required.
The operator indicates how to combine the rules.
String value expected.
Can be updated without replacement.
Allowed values: “or”, “and”
rules
Rules list. Basic threshold/gnocchi rules and nested dict which combine threshold/gnocchi rules by “and” or “or” are allowed. For example, the form is like: [RULE1, RULE2, {“and”: [RULE3, RULE4]}], the basic threshold/gnocchi rules must include a “type” field.
List value expected.
Can be updated without replacement.
The length must be at least 2.

Optional Properties

alarm_actions
A list of URLs (webhooks) to invoke when state transitions to alarm.
List value expected.
Can be updated without replacement.
alarm_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to alarm.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
description
Description for the alarm.
String value expected.
Can be updated without replacement.
enabled
True if alarm evaluation/actioning is enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
insufficient_data_actions
A list of URLs (webhooks) to invoke when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
insufficient_data_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
ok_actions
A list of URLs (webhooks) to invoke when state transitions to ok.
List value expected.
Can be updated without replacement.
ok_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to ok.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
repeat_actions
False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
severity

Available since 5.0.0 (Liberty)

Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “moderate”, “critical”
time_constraints

Available since 5.0.0 (Liberty)

Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description for the time constraint.
String value expected.
Updates cause replacement.
duration
Required.
Duration for the time constraint.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
name
Required.
Name for the time constraint.
String value expected.
Updates cause replacement.
start
Required.
Start time for the time constraint. A CRON expression property.
String value expected.
Updates cause replacement.
Value must be of type cron_expression
timezone
Optional.
Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).
String value expected.
Updates cause replacement.
Value must be of type timezone

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Aodh::CompositeAlarm
    properties:
      alarm_actions: [Value, Value, ...]
      alarm_queues: [String, String, ...]
      composite_rule: {"operator": String, "rules": [Value, Value, ...]}
      description: String
      enabled: Boolean
      insufficient_data_actions: [Value, Value, ...]
      insufficient_data_queues: [String, String, ...]
      ok_actions: [Value, Value, ...]
      ok_queues: [String, String, ...]
      repeat_actions: Boolean
      severity: String
      time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]

OS::Aodh::EventAlarm

Available since 8.0.0 (Ocata)

A resource that implements event alarms.

Allows users to define alarms which can be evaluated based on events passed from other OpenStack services. The events can be emitted when the resources from other OpenStack services have been updated, created or deleted, such as ‘compute.instance.reboot.end’, ‘scheduler.select_destinations.end’.

Optional Properties

alarm_actions
A list of URLs (webhooks) to invoke when state transitions to alarm.
List value expected.
Can be updated without replacement.
alarm_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to alarm.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
description
Description for the alarm.
String value expected.
Can be updated without replacement.
enabled
True if alarm evaluation/actioning is enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
event_type
Event type to evaluate against. If not specified will match all events.
String value expected.
Can be updated without replacement.
Defaults to "*"
insufficient_data_actions
A list of URLs (webhooks) to invoke when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
insufficient_data_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
ok_actions
A list of URLs (webhooks) to invoke when state transitions to ok.
List value expected.
Can be updated without replacement.
ok_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to ok.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
query
A list for filtering events. Query conditions used to filter specific events when evaluating the alarm.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
field
Optional.
Name of attribute to compare.
String value expected.
Can be updated without replacement.
op
Optional.
Comparison operator.
String value expected.
Can be updated without replacement.
Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
type
Optional.
The type of the attribute.
String value expected.
Can be updated without replacement.
Defaults to "string"
Allowed values: “integer”, “float”, “string”, “boolean”, “datetime”
value
Optional.
String value with which to compare.
String value expected.
Can be updated without replacement.
repeat_actions
False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
severity

Available since 5.0.0 (Liberty)

Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “moderate”, “critical”
time_constraints

Available since 5.0.0 (Liberty)

Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description for the time constraint.
String value expected.
Updates cause replacement.
duration
Required.
Duration for the time constraint.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
name
Required.
Name for the time constraint.
String value expected.
Updates cause replacement.
start
Required.
Start time for the time constraint. A CRON expression property.
String value expected.
Updates cause replacement.
Value must be of type cron_expression
timezone
Optional.
Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).
String value expected.
Updates cause replacement.
Value must be of type timezone

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Aodh::EventAlarm
    properties:
      alarm_actions: [Value, Value, ...]
      alarm_queues: [String, String, ...]
      description: String
      enabled: Boolean
      event_type: String
      insufficient_data_actions: [Value, Value, ...]
      insufficient_data_queues: [String, String, ...]
      ok_actions: [Value, Value, ...]
      ok_queues: [String, String, ...]
      query: [{"field": String, "type": String, "op": String, "value": String}, {"field": String, "type": String, "op": String, "value": String}, ...]
      repeat_actions: Boolean
      severity: String
      time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]

OS::Aodh::GnocchiAggregationByMetricsAlarm

Available since 2015.1 (Kilo)

A resource that implements alarm with specified metrics.

A resource that implements alarm which allows to use specified by user metrics in metrics list.

Required Properties

metrics
A list of metric ids.
List value expected.
Can be updated without replacement.
threshold
Threshold to evaluate against.
Number value expected.
Can be updated without replacement.

Optional Properties

aggregation_method
The aggregation method to compare to the threshold.
String value expected.
Can be updated without replacement.
alarm_actions
A list of URLs (webhooks) to invoke when state transitions to alarm.
List value expected.
Can be updated without replacement.
alarm_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to alarm.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
comparison_operator
Operator used to compare specified statistic with threshold.
String value expected.
Can be updated without replacement.
Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
description
Description for the alarm.
String value expected.
Can be updated without replacement.
enabled
True if alarm evaluation/actioning is enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
evaluation_periods
Number of periods to evaluate over.
Integer value expected.
Can be updated without replacement.
granularity
The time range in seconds.
Integer value expected.
Can be updated without replacement.
insufficient_data_actions
A list of URLs (webhooks) to invoke when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
insufficient_data_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
ok_actions
A list of URLs (webhooks) to invoke when state transitions to ok.
List value expected.
Can be updated without replacement.
ok_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to ok.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
repeat_actions
False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
severity

Available since 5.0.0 (Liberty)

Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “moderate”, “critical”
time_constraints

Available since 5.0.0 (Liberty)

Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description for the time constraint.
String value expected.
Updates cause replacement.
duration
Required.
Duration for the time constraint.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
name
Required.
Name for the time constraint.
String value expected.
Updates cause replacement.
start
Required.
Start time for the time constraint. A CRON expression property.
String value expected.
Updates cause replacement.
Value must be of type cron_expression
timezone
Optional.
Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).
String value expected.
Updates cause replacement.
Value must be of type timezone

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Aodh::GnocchiAggregationByMetricsAlarm
    properties:
      aggregation_method: String
      alarm_actions: [Value, Value, ...]
      alarm_queues: [String, String, ...]
      comparison_operator: String
      description: String
      enabled: Boolean
      evaluation_periods: Integer
      granularity: Integer
      insufficient_data_actions: [Value, Value, ...]
      insufficient_data_queues: [String, String, ...]
      metrics: [Value, Value, ...]
      ok_actions: [Value, Value, ...]
      ok_queues: [String, String, ...]
      repeat_actions: Boolean
      severity: String
      threshold: Number
      time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]

OS::Aodh::GnocchiAggregationByResourcesAlarm

Available since 2015.1 (Kilo)

A resource that implements alarm as an aggregation of resources alarms.

A resource that implements alarm which uses aggregation of resources alarms with some condition. If state of a system is satisfied alarm condition, alarm is activated.

Required Properties

metric
Metric name watched by the alarm.
String value expected.
Can be updated without replacement.
query
The query to filter the metrics.
String value expected.
Can be updated without replacement.
resource_type
Resource type.
String value expected.
Can be updated without replacement.
threshold
Threshold to evaluate against.
Number value expected.
Can be updated without replacement.

Optional Properties

aggregation_method
The aggregation method to compare to the threshold.
String value expected.
Can be updated without replacement.
alarm_actions
A list of URLs (webhooks) to invoke when state transitions to alarm.
List value expected.
Can be updated without replacement.
alarm_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to alarm.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
comparison_operator
Operator used to compare specified statistic with threshold.
String value expected.
Can be updated without replacement.
Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
description
Description for the alarm.
String value expected.
Can be updated without replacement.
enabled
True if alarm evaluation/actioning is enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
evaluation_periods
Number of periods to evaluate over.
Integer value expected.
Can be updated without replacement.
granularity
The time range in seconds.
Integer value expected.
Can be updated without replacement.
insufficient_data_actions
A list of URLs (webhooks) to invoke when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
insufficient_data_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
ok_actions
A list of URLs (webhooks) to invoke when state transitions to ok.
List value expected.
Can be updated without replacement.
ok_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to ok.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
repeat_actions
False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
severity

Available since 5.0.0 (Liberty)

Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “moderate”, “critical”
time_constraints

Available since 5.0.0 (Liberty)

Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description for the time constraint.
String value expected.
Updates cause replacement.
duration
Required.
Duration for the time constraint.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
name
Required.
Name for the time constraint.
String value expected.
Updates cause replacement.
start
Required.
Start time for the time constraint. A CRON expression property.
String value expected.
Updates cause replacement.
Value must be of type cron_expression
timezone
Optional.
Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).
String value expected.
Updates cause replacement.
Value must be of type timezone

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Aodh::GnocchiAggregationByResourcesAlarm
    properties:
      aggregation_method: String
      alarm_actions: [Value, Value, ...]
      alarm_queues: [String, String, ...]
      comparison_operator: String
      description: String
      enabled: Boolean
      evaluation_periods: Integer
      granularity: Integer
      insufficient_data_actions: [Value, Value, ...]
      insufficient_data_queues: [String, String, ...]
      metric: String
      ok_actions: [Value, Value, ...]
      ok_queues: [String, String, ...]
      query: String
      repeat_actions: Boolean
      resource_type: String
      severity: String
      threshold: Number
      time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]

OS::Aodh::GnocchiResourcesAlarm

Available since 2015.1 (Kilo)

A resource allowing for the watch of some specified resource.

An alarm that evaluates threshold based on some metric for the specified resource.

Required Properties

metric
Metric name watched by the alarm.
String value expected.
Can be updated without replacement.
resource_id
Id of a resource.
String value expected.
Can be updated without replacement.
resource_type
Resource type.
String value expected.
Can be updated without replacement.
threshold
Threshold to evaluate against.
Number value expected.
Can be updated without replacement.

Optional Properties

aggregation_method
The aggregation method to compare to the threshold.
String value expected.
Can be updated without replacement.
alarm_actions
A list of URLs (webhooks) to invoke when state transitions to alarm.
List value expected.
Can be updated without replacement.
alarm_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to alarm.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
comparison_operator
Operator used to compare specified statistic with threshold.
String value expected.
Can be updated without replacement.
Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
description
Description for the alarm.
String value expected.
Can be updated without replacement.
enabled
True if alarm evaluation/actioning is enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
evaluation_periods
Number of periods to evaluate over.
Integer value expected.
Can be updated without replacement.
granularity
The time range in seconds.
Integer value expected.
Can be updated without replacement.
insufficient_data_actions
A list of URLs (webhooks) to invoke when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
insufficient_data_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
ok_actions
A list of URLs (webhooks) to invoke when state transitions to ok.
List value expected.
Can be updated without replacement.
ok_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to ok.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
repeat_actions
False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
severity

Available since 5.0.0 (Liberty)

Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “moderate”, “critical”
time_constraints

Available since 5.0.0 (Liberty)

Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description for the time constraint.
String value expected.
Updates cause replacement.
duration
Required.
Duration for the time constraint.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
name
Required.
Name for the time constraint.
String value expected.
Updates cause replacement.
start
Required.
Start time for the time constraint. A CRON expression property.
String value expected.
Updates cause replacement.
Value must be of type cron_expression
timezone
Optional.
Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).
String value expected.
Updates cause replacement.
Value must be of type timezone

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Aodh::GnocchiResourcesAlarm
    properties:
      aggregation_method: String
      alarm_actions: [Value, Value, ...]
      alarm_queues: [String, String, ...]
      comparison_operator: String
      description: String
      enabled: Boolean
      evaluation_periods: Integer
      granularity: Integer
      insufficient_data_actions: [Value, Value, ...]
      insufficient_data_queues: [String, String, ...]
      metric: String
      ok_actions: [Value, Value, ...]
      ok_queues: [String, String, ...]
      repeat_actions: Boolean
      resource_id: String
      resource_type: String
      severity: String
      threshold: Number
      time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]

OS::Aodh::LBMemberHealthAlarm

Available since 13.0.0 (Train)

A resource that implements a Loadbalancer Member Health Alarm.

Allows setting alarms based on the health of load balancer pool members, where the health of a member is determined by the member reporting an operating_status of ERROR beyond an initial grace period after creation (120 seconds by default).

Required Properties

autoscaling_group_id
ID of the Heat autoscaling group that contains the loadbalancer members. Unhealthy members will be marked as such before an update is triggered on the root stack.
String value expected.
Can be updated without replacement.
pool
Name or ID of the loadbalancer pool for which the health of each member will be evaluated.
String value expected.
Can be updated without replacement.
stack
Name or ID of the root / top level Heat stack containing the loadbalancer pool and members. An update will be triggered on the root Stack if an unhealthy member is detected in the loadbalancer pool.
String value expected.
Updates cause replacement.

Optional Properties

alarm_actions
A list of URLs (webhooks) to invoke when state transitions to alarm.
List value expected.
Can be updated without replacement.
alarm_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to alarm.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
description
Description for the alarm.
String value expected.
Can be updated without replacement.
enabled
True if alarm evaluation/actioning is enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
insufficient_data_actions
A list of URLs (webhooks) to invoke when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
insufficient_data_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to insufficient-data.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
ok_actions
A list of URLs (webhooks) to invoke when state transitions to ok.
List value expected.
Can be updated without replacement.
ok_queues

Available since 8.0.0 (Ocata)

A list of Zaqar queues to post to when state transitions to ok.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type zaqar.queue
repeat_actions
False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.
Boolean value expected.
Can be updated without replacement.
Defaults to "true"
severity

Available since 5.0.0 (Liberty)

Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “moderate”, “critical”
time_constraints

Available since 5.0.0 (Liberty)

Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description for the time constraint.
String value expected.
Updates cause replacement.
duration
Required.
Duration for the time constraint.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
name
Required.
Name for the time constraint.
String value expected.
Updates cause replacement.
start
Required.
Start time for the time constraint. A CRON expression property.
String value expected.
Updates cause replacement.
Value must be of type cron_expression
timezone
Optional.
Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).
String value expected.
Updates cause replacement.
Value must be of type timezone

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Aodh::LBMemberHealthAlarm
    properties:
      alarm_actions: [Value, Value, ...]
      alarm_queues: [String, String, ...]
      autoscaling_group_id: String
      description: String
      enabled: Boolean
      insufficient_data_actions: [Value, Value, ...]
      insufficient_data_queues: [String, String, ...]
      ok_actions: [Value, Value, ...]
      ok_queues: [String, String, ...]
      pool: String
      repeat_actions: Boolean
      severity: String
      stack: String
      time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]

OS::Barbican::CertificateContainer

Available since 6.0.0 (Mitaka)

A resource for creating barbican certificate container.

A certificate container is used for storing the secrets that are relevant to certificates.

Optional Properties

certificate_ref
Reference to certificate.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret
intermediates_ref
Reference to intermediates.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret
name
Human-readable name for the container.
String value expected.
Updates cause replacement.
private_key_passphrase_ref
Reference to private key passphrase.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret
private_key_ref
Reference to private key.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret

Attributes

consumers

The URIs to container consumers.

container_ref

The URI to the container.

secret_refs

The URIs to secrets stored in container.

show

Detailed information about resource.

status

The status of the container.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Barbican::CertificateContainer
    properties:
      certificate_ref: String
      intermediates_ref: String
      name: String
      private_key_passphrase_ref: String
      private_key_ref: String

OS::Barbican::GenericContainer

Available since 6.0.0 (Mitaka)

A resource for creating Barbican generic container.

A generic container is used for any type of secret that a user may wish to aggregate. There are no restrictions on the amount of secrets that can be held within this container.

Optional Properties

name
Human-readable name for the container.
String value expected.
Updates cause replacement.
secrets
References to secrets that will be stored in container.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
name
Required.
Name of the secret.
String value expected.
Updates cause replacement.
ref
Required.
Reference to the secret.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret

Attributes

consumers

The URIs to container consumers.

container_ref

The URI to the container.

secret_refs

The URIs to secrets stored in container.

show

Detailed information about resource.

status

The status of the container.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Barbican::GenericContainer
    properties:
      name: String
      secrets: [{"name": String, "ref": String}, {"name": String, "ref": String}, ...]

OS::Barbican::Order

Available since 2014.2 (Juno)

A resource allowing for the generation secret material by Barbican.

The resource allows to generate some secret material. It can be, for example, some key or certificate. The order encapsulates the workflow and history for the creation of a secret. The time to generate a secret can vary depending on the type of secret.

Required Properties

type

Available since 5.0.0 (Liberty)

The type of the order.
String value expected.
Updates cause replacement.
Allowed values: “key”, “asymmetric”, “certificate”

Optional Properties

algorithm
The algorithm type used to generate the secret. Required for key and asymmetric types of order.
String value expected.
Updates cause replacement.
bit_length
The bit-length of the secret. Required for key and asymmetric types of order.
Integer value expected.
Updates cause replacement.
ca_id

Available since 5.0.0 (Liberty)

The identifier of the CA to use.
String value expected.
Updates cause replacement.
expiration
The expiration date for the secret in ISO-8601 format.
String value expected.
Updates cause replacement.
Value must be of type expiration
mode
The type/mode of the algorithm associated with the secret information.
String value expected.
Updates cause replacement.
name
Human readable name for the secret.
String value expected.
Updates cause replacement.
pass_phrase

Available since 5.0.0 (Liberty)

The passphrase of the created key. Can be set only for asymmetric type of order.
String value expected.
Updates cause replacement.
payload_content_type
The type/format the secret data is provided in.
String value expected.
Updates cause replacement.
profile

Available since 5.0.0 (Liberty)

The profile of certificate to use.
String value expected.
Updates cause replacement.
request_data

Available since 5.0.0 (Liberty)

The content of the CSR. Only for certificate orders.
String value expected.
Updates cause replacement.
request_type

Available since 5.0.0 (Liberty)

The type of the certificate request.
String value expected.
Updates cause replacement.
Allowed values: “stored-key”, “simple-cmc”, “custom”
source_container_ref

Available since 5.0.0 (Liberty)

The source of certificate request.
String value expected.
Updates cause replacement.
Value must be of type barbican.container
subject_dn

Available since 5.0.0 (Liberty)

The subject of the certificate request.
String value expected.
Updates cause replacement.

Attributes

certificate

Available since 5.0.0 (Liberty)

The payload of the created certificate, if available.

container_ref

Available since 5.0.0 (Liberty)

The URI to the created container.

intermediates

Available since 5.0.0 (Liberty)

The payload of the created intermediates, if available.

order_ref

The URI to the order.

private_key

Available since 5.0.0 (Liberty)

The payload of the created private key, if available.

public_key

Available since 5.0.0 (Liberty)

The payload of the created public key, if available.

secret_ref

The URI to the created secret.

show

Detailed information about resource.

status

The status of the order.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Barbican::Order
    properties:
      algorithm: String
      bit_length: Integer
      ca_id: String
      expiration: String
      mode: String
      name: String
      pass_phrase: String
      payload_content_type: String
      profile: String
      request_data: String
      request_type: String
      source_container_ref: String
      subject_dn: String
      type: String

OS::Barbican::RSAContainer

Available since 6.0.0 (Mitaka)

A resource for creating barbican RSA container.

An RSA container is used for storing RSA public keys, private keys, and private key pass phrases.

Optional Properties

name
Human-readable name for the container.
String value expected.
Updates cause replacement.
private_key_passphrase_ref
Reference to private key passphrase.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret
private_key_ref
Reference to private key.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret
public_key_ref
Reference to public key.
String value expected.
Updates cause replacement.
Value must be of type barbican.secret

Attributes

consumers

The URIs to container consumers.

container_ref

The URI to the container.

secret_refs

The URIs to secrets stored in container.

show

Detailed information about resource.

status

The status of the container.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Barbican::RSAContainer
    properties:
      name: String
      private_key_passphrase_ref: String
      private_key_ref: String
      public_key_ref: String

OS::Barbican::Secret

Available since 2014.2 (Juno)

The resource provides access to the secret/keying stored material.

A secret is a singular item that stored within Barbican. A secret is anything you want it to be; however, the formal use case is a key that you wish to store away from prying eyes. Secret may include private keys, passwords and so on.

Optional Properties

algorithm
The algorithm type used to generate the secret.
String value expected.
Updates cause replacement.
bit_length
The bit-length of the secret.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
expiration
The expiration date for the secret in ISO-8601 format.
String value expected.
Updates cause replacement.
Value must be of type expiration
mode
The type/mode of the algorithm associated with the secret information.
String value expected.
Updates cause replacement.
name
Human readable name for the secret.
String value expected.
Updates cause replacement.
payload
The unencrypted plain text of the secret.
String value expected.
Updates cause replacement.
payload_content_encoding
The encoding format used to provide the payload data.
String value expected.
Updates cause replacement.
Allowed values: “base64”
payload_content_type
The type/format the secret data is provided in.
String value expected.
Updates cause replacement.
Allowed values: “text/plain”, “application/octet-stream”
secret_type

Available since 5.0.0 (Liberty)

The type of the secret.
String value expected.
Updates cause replacement.
Defaults to "opaque"
Allowed values: “symmetric”, “public”, “private”, “certificate”, “passphrase”, “opaque”

Attributes

decrypted_payload

The decrypted secret payload.

show

Detailed information about resource.

status

The status of the secret.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Barbican::Secret
    properties:
      algorithm: String
      bit_length: Integer
      expiration: String
      mode: String
      name: String
      payload: String
      payload_content_encoding: String
      payload_content_type: String
      secret_type: String

OS::Blazar::Host

Available since 12.0.0 (Stein)

A resource to manage Blazar hosts.

Host resource manages the physical hosts for the lease/reservation within OpenStack.

# TODO(asmita): Based on an agreement with Blazar team, this resource class does not support updating host resource as currently Blazar does not support to delete existing extra_capability keys while updating host. Also, in near future, when Blazar team will come up with a new alternative API to resolve this issue, we will need to modify this class.

Required Properties

name
The name of the host.
String value expected.
Updates cause replacement.

Optional Properties

extra_capability
The extra capability of the host.
Map value expected.
Updates cause replacement.

Attributes

cpu_info

Information of the CPU of the host.

created_at

The date and time when the host was created. The date and time format must be “CCYY-MM-DD hh:mm”.

extra_capability

The extra capability of the host.

hypervisor_hostname

The hypervisor name of the host.

hypervisor_type

The hypervisor type the host.

hypervisor_version

The hypervisor version of the host.

local_gb

Gigabytes of the disk of the host.

memory_mb

Megabytes of the memory of the host.

reservable

The flag which represents whether the host is reservable or not.

service_name

The compute service name of the host.

show

Detailed information about resource.

status

The status of the host.

trust_id

The UUID of the trust of the host operator.

updated_at

The date and time when the host was updated. The date and time format must be “CCYY-MM-DD hh:mm”.

vcpus

The number of the VCPUs of the host.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Blazar::Host
    properties:
      extra_capability: {...}
      name: String

OS::Blazar::Lease

Available since 12.0.0 (Stein)

A resource to manage Blazar leases.

Lease resource manages the reservations of specific type/amount of cloud resources within OpenStack.

Note: Based on an agreement with Blazar team, this resource class does not support updating, because current Blazar lease scheme is not suitable for Heat, if you want to update a lease, you need to specify reservation’s id, which is one of attribute of lease.

Required Properties

end_date
The end date and time of the lease The date and time format must be “CCYY-MM-DD hh:mm”.
String value expected.
Updates cause replacement.
Value must match pattern: \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}
name
The name of the lease.
String value expected.
Updates cause replacement.
reservations
The list of reservations.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
affinity
Optional.
The affinity of instances to reserve.
Boolean value expected.
Updates cause replacement.
Defaults to false
amount
Optional.
The amount of instances to reserve.
Integer value expected.
Updates cause replacement.
The value must be in the range 0 to 2147483647.
before_end
Optional.
The before-end-action of the reservation.
String value expected.
Updates cause replacement.
Defaults to "default"
Allowed values: “default”, “snapshot”
disk_gb
Optional.
Gigabytes of the local disk per the instance.
Integer value expected.
Updates cause replacement.
The value must be in the range 0 to 2147483647.
hypervisor_properties
Optional.
Properties of the hypervisor to reserve.
String value expected.
Updates cause replacement.
max
Optional.
The maximum number of hosts to reserve.
Integer value expected.
Updates cause replacement.
The value must be at least 1.
memory_mb
Optional.
Megabytes of memory per the instance.
Integer value expected.
Updates cause replacement.
The value must be in the range 0 to 2147483647.
min
Optional.
The minimum number of hosts to reserve.
Integer value expected.
Updates cause replacement.
The value must be at least 1.
resource_properties
Optional.
Properties of the resource to reserve.
String value expected.
Updates cause replacement.
resource_type
Required.
The type of the resource to reserve.
String value expected.
Updates cause replacement.
Allowed values: “virtual:instance”, “physical:host”
vcpus
Optional.
The number of VCPUs per the instance.
Integer value expected.
Updates cause replacement.
The value must be in the range 0 to 2147483647.
start_date
The start date and time of the lease. The date and time format must be “CCYY-MM-DD hh:mm”.
String value expected.
Updates cause replacement.
Value must match pattern: \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}

Optional Properties

before_end_date
The date and time for the before-end-action of the lease. The date and time format must be “CCYY-MM-DD hh:mm”.
String value expected.
Updates cause replacement.
Value must match pattern: \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}
events
A list of event objects.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
event_type
Required.
The type of the event (e.g. notification).
String value expected.
Updates cause replacement.
time
Required.
The date and time of the event. The date and time format must be “CCYY-MM-DD hh:mm”.
String value expected.
Updates cause replacement.

Attributes

created_at

The date and time when the lease was created. The date and time format is “CCYY-MM-DD hh:mm”.

degraded

The flag which represents condition of reserved resources of the lease. If it is true, the amount of reserved resources is less than the request or reserved resources were changed.

end_date

The end date and time of the lease. The date and time format is “CCYY-MM-DD hh:mm”.

events

Event information of the lease.

name

The name of the lease.

project_id

The UUID the project which owns the lease.

reservations

A list of reservation objects.

show

Detailed information about resource.

start_date

The start date and time of the lease. The date and time format is “CCYY-MM-DD hh:mm”.

status

The status of the lease.

trust_id

The UUID of the trust of the lease owner.

updated_at

The date and time when the lease was updated. The date and time format is “CCYY-MM-DD hh:mm”.

user_id

The UUID of the lease owner.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Blazar::Lease
    properties:
      before_end_date: String
      end_date: String
      events: [{"event_type": String, "time": String}, {"event_type": String, "time": String}, ...]
      name: String
      reservations: [{"resource_type": String, "min": Integer, "max": Integer, "hypervisor_properties": String, "resource_properties": String, "before_end": String, "amount": Integer, "vcpus": Integer, "memory_mb": Integer, "disk_gb": Integer, "affinity": Boolean}, {"resource_type": String, "min": Integer, "max": Integer, "hypervisor_properties": String, "resource_properties": String, "before_end": String, "amount": Integer, "vcpus": Integer, "memory_mb": Integer, "disk_gb": Integer, "affinity": Boolean}, ...]
      start_date: String

OS::Cinder::EncryptedVolumeType

Available since 5.0.0 (Liberty)

A resource for encrypting a cinder volume type.

A Volume Encryption Type is a collection of settings used to conduct encryption for a specific volume type.

Note that default cinder security policy usage of this resource is limited to being used by administrators only.

Required Properties

provider
The class that provides encryption support. For example, nova.volume.encryptors.luks.LuksEncryptor.
String value expected.
Can be updated without replacement.
volume_type
Name or id of volume type (OS::Cinder::VolumeType).
String value expected.
Updates cause replacement.
Value must be of type cinder.vtype

Optional Properties

cipher
The encryption algorithm or mode. For example, aes-xts-plain64.
String value expected.
Can be updated without replacement.
Allowed values: “aes-xts-plain64”, “aes-cbc-essiv”
control_location
Notional service where encryption is performed For example, front-end. For Nova.
String value expected.
Can be updated without replacement.
Defaults to "front-end"
Allowed values: “front-end”, “back-end”
key_size
Size of encryption key, in bits. For example, 128 or 256.
Integer value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::EncryptedVolumeType
    properties:
      cipher: String
      control_location: String
      key_size: Integer
      provider: String
      volume_type: String

OS::Cinder::QoSAssociation

Available since 8.0.0 (Ocata)

A resource to associate cinder QoS specs with volume types.

Usage of this resource restricted to admins only by default policy.

Required Properties

qos_specs
ID or Name of the QoS specs.
String value expected.
Updates cause replacement.
Value must be of type cinder.qos_specs
volume_types
List of volume type IDs or Names to be attached to QoS specs.
List value expected.
Can be updated without replacement.
List contents:
Optional.
A volume type to attach specs.
String value expected.
Can be updated without replacement.
Value must be of type cinder.vtype

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::QoSAssociation
    properties:
      qos_specs: String
      volume_types: [String, String, ...]

OS::Cinder::QoSSpecs

Available since 7.0.0 (Newton)

A resource for creating cinder QoS specs.

Users can ask for a specific volume type. Part of that volume type is a string that defines the QoS of the volume IO (fast, normal, or slow). Backends that can handle all of the demands of the volume type become candidates for scheduling. Usage of this resource restricted to admins only by default policy.

Required Properties

specs
The specs key and value pairs of the QoS.
Map value expected.
Can be updated without replacement.

Optional Properties

name
Name of the QoS.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::QoSSpecs
    properties:
      name: String
      specs: {...}

OS::Cinder::Quota

Available since 7.0.0 (Newton)

A resource for creating cinder quotas.

Cinder Quota is used to manage operational limits for projects. Currently, this resource can manage Cinder’s gigabytes, snapshots, and volumes quotas.

Note that default cinder security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Cinder Quota resource per project, otherwise it will be hard for them to manage the quota properly.

Required Properties

project
OpenStack Keystone Project.
String value expected.
Updates cause replacement.
Value must be of type keystone.project

Optional Properties

backup_gigabytes

Available since 16.0.0

Quota for the amount of backups disk space (in Gigabytes). Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
backups

Available since 16.0.0

Quota for the number of backups. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
gigabytes
Quota for the amount of disk space (in Gigabytes). Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
snapshots
Quota for the number of snapshots. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
volumes
Quota for the number of volumes. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::Quota
    properties:
      backup_gigabytes: Integer
      backups: Integer
      gigabytes: Integer
      project: String
      snapshots: Integer
      volumes: Integer

OS::Cinder::Volume

A resource that implements Cinder volumes.

Cinder volume is a storage in the form of block devices. It can be used, for example, for providing storage to instance. Volume supports creation from snapshot, backup or image. Also volume can be created only by size.

Optional Properties

availability_zone
The availability zone in which the volume will be created.
String value expected.
Updates cause replacement.
backup_id
If specified, the backup to create the volume from.
String value expected.
Can be updated without replacement.
Value must be of type cinder.backup
description
A description of the volume.
String value expected.
Can be updated without replacement.
image
If specified, the name or ID of the image to create the volume from.
String value expected.
Updates cause replacement.
Value must be of type glance.image
metadata
Key/value pairs to associate with the volume.
Map value expected.
Can be updated without replacement.
Defaults to {}
name
A name used to distinguish the volume.
String value expected.
Can be updated without replacement.
read_only

Available since 5.0.0 (Liberty)

Enables or disables read-only access mode of volume.
Boolean value expected.
Can be updated without replacement.
scheduler_hints

Available since 2015.1 (Kilo)

Arbitrary key-value pairs specified by the client to help the Cinder scheduler creating a volume.
Map value expected.
Updates cause replacement.
size
The size of the volume in GB. On update only increase in size is supported. This property is required unless property backup_id or source_volid or snapshot_id is specified.
Integer value expected.
Can be updated without replacement.
The value must be at least 1.
snapshot_id
If specified, the snapshot to create the volume from.
String value expected.
Updates cause replacement.
Value must be of type cinder.snapshot
source_volid
If specified, the volume to use as source.
String value expected.
Updates cause replacement.
Value must be of type cinder.volume
volume_type
If specified, the type of volume to use, mapping to a specific backend.
String value expected.
Can be updated without replacement.
Value must be of type cinder.vtype

Attributes

attachments

DEPRECATED since 9.0.0 (Pike) - Use property attachments_list.

Available since 2015.1 (Kilo)

A string representation of the list of attachments of the volume.

attachments_list

Available since 9.0.0 (Pike)

The list of attachments of the volume.

availability_zone

The availability zone in which the volume is located.

bootable

Boolean indicating if the volume can be booted or not.

created_at

The timestamp indicating volume creation.

display_description

Description of the volume.

display_name

Name of the volume.

encrypted

Boolean indicating if the volume is encrypted or not.

metadata

Key/value pairs associated with the volume.

metadata_values

Key/value pairs associated with the volume in raw dict form.

multiattach

Available since 6.0.0 (Mitaka)

Boolean indicating whether allow the volume to be attached more than once.

show

Detailed information about resource.

size

The size of the volume in GB.

snapshot_id

The snapshot the volume was created from, if any.

source_volid

The volume used as source, if any.

status

The current status of the volume.

volume_type

The type of the volume mapping to a backend, if any.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::Volume
    properties:
      availability_zone: String
      backup_id: String
      description: String
      image: String
      metadata: {...}
      name: String
      read_only: Boolean
      scheduler_hints: {...}
      size: Integer
      snapshot_id: String
      source_volid: String
      volume_type: String

OS::Cinder::VolumeAttachment

Resource for associating volume to instance.

Resource for associating existing volume to instance. Also, the location where the volume is exposed on the instance can be specified.

Required Properties

instance_uuid
The ID of the server to which the volume attaches.
String value expected.
Can be updated without replacement.
volume_id
The ID of the volume to be attached.
String value expected.
Can be updated without replacement.
Value must be of type cinder.volume

Optional Properties

mountpoint
The location where the volume is exposed on the instance. This assignment may not be honored and it is advised that the path /dev/disk/by-id/virtio-<VolumeId> be used instead.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::VolumeAttachment
    properties:
      instance_uuid: String
      mountpoint: String
      volume_id: String

OS::Cinder::VolumeType

Available since 2015.1 (Kilo)

A resource for creating cinder volume types.

Volume type resource allows to define, whether volume, which will be use this type, will public and which projects are allowed to work with it. Also, there can be some user-defined metadata.

Note that default cinder security policy usage of this resource is limited to being used by administrators only.

Required Properties

name
Name of the volume type.
String value expected.
Can be updated without replacement.

Optional Properties

description

Available since 5.0.0 (Liberty)

Description of the volume type.
String value expected.
Can be updated without replacement.
is_public

Available since 5.0.0 (Liberty)

Whether the volume type is accessible to the public.
Boolean value expected.
Can be updated without replacement.
Defaults to true
metadata
The extra specs key and value pairs of the volume type.
Map value expected.
Can be updated without replacement.
projects

Available since 5.0.0 (Liberty)

Projects to add volume type access to. NOTE: This property is only supported since Cinder API V2.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Cinder::VolumeType
    properties:
      description: String
      is_public: Boolean
      metadata: {...}
      name: String
      projects: [String, String, ...]

OS::Designate::RecordSet

Available since 8.0.0 (Ocata)

Heat Template Resource for Designate RecordSet.

Designate provides DNS-as-a-Service services for OpenStack. RecordSet helps to add more than one records.

Required Properties

records
A list of data for this RecordSet. Each item will be a separate record in Designate These items should conform to the DNS spec for the record type - e.g. A records must be IPv4 addresses, CNAME records must be a hostname. DNS record data varies based on the type of record. For more details, please refer rfc 1035.
List value expected.
Can be updated without replacement.
type
DNS RecordSet type.
String value expected.
Updates cause replacement.
Allowed values: “A”, “AAAA”, “CNAME”, “MX”, “SRV”, “TXT”, “SPF”, “NS”, “PTR”, “SSHFP”, “SOA”
zone
DNS Zone id or name.
String value expected.
Updates cause replacement.
Value must be of type designate.zone

Optional Properties

description
Description of RecordSet.
String value expected.
Can be updated without replacement.
The length must be no greater than 160.
name
RecordSet name.
String value expected.
Updates cause replacement.
The length must be no greater than 255.
ttl
Time To Live (Seconds).
Integer value expected.
Can be updated without replacement.
The value must be in the range 1 to 2147483647.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Designate::RecordSet
    properties:
      description: String
      name: String
      records: [Value, Value, ...]
      ttl: Integer
      type: String
      zone: String

OS::Designate::Zone

Available since 8.0.0 (Ocata)

Heat Template Resource for Designate Zone.

Designate provides DNS-as-a-Service services for OpenStack. So, zone, part of domain is a realm with an identification string, unique in DNS.

Required Properties

name
DNS Name for the zone.
String value expected.
Updates cause replacement.
The length must be no greater than 255.

Optional Properties

description
Description of zone.
String value expected.
Can be updated without replacement.
The length must be no greater than 160.
email
E-mail for the zone. Used in SOA records for the zone. It is required for PRIMARY Type, otherwise ignored.
String value expected.
Can be updated without replacement.
primaries
The primary servers to transfer DNS zone information from. Mandatory for zone type SECONDARY, otherwise ignored.
List value expected.
Can be updated without replacement.
ttl
Time To Live (Seconds) for the zone.
Integer value expected.
Can be updated without replacement.
The value must be in the range 1 to 2147483647.
type
Type of zone. PRIMARY is controlled by Designate, SECONDARY zones are transferred from another DNS Server.
String value expected.
Updates cause replacement.
Defaults to "PRIMARY"
Allowed values: “PRIMARY”, “SECONDARY”
masters

DEPRECATED since 15.0.0 (Victoria) - Use ``primaries`` instead.

The primary servers to transfer DNS zone information from. Mandatory for zone type SECONDARY, otherwise ignored.
List value expected.
Can be updated without replacement.

Attributes

serial

DNS zone serial number.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Designate::Zone
    properties:
      description: String
      email: String
      name: String
      primaries: [Value, Value, ...]
      ttl: Integer
      type: String

OS::Glance::WebImage

Available since 12.0.0 (Stein)

A resource managing images in Glance using web-download import.

This provides image support for recent Glance installation.

Required Properties

container_format
Container format of image.
String value expected.
Updates cause replacement.
Allowed values: “ami”, “ari”, “aki”, “bare”, “ovf”, “ova”, “docker”
disk_format
Disk format of image.
String value expected.
Updates cause replacement.
Allowed values: “ami”, “ari”, “aki”, “vhd”, “vhdx”, “vmdk”, “raw”, “qcow2”, “vdi”, “iso”, “ploop”
location
URL where the data for this image already resides. For example, if the image data is stored in swift, you could specify “swift://example.com/container/obj”.
String value expected.
Updates cause replacement.

Optional Properties

active

Available since 16.0.0

Activate or deactivate the image. Requires Admin Access.
Boolean value expected.
Can be updated without replacement.
Defaults to true
architecture
Operating system architecture.
String value expected.
Can be updated without replacement.
id
The image ID. Glance will generate a UUID if not specified.
String value expected.
Updates cause replacement.
kernel_id
ID of image stored in Glance that should be used as the kernel when booting an AMI-style image.
String value expected.
Can be updated without replacement.
Value must match pattern: ^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$
members

Available since 16.0.0

List of additional members that are permitted to read the image. This may be a Keystone Project IDs or User IDs, depending on the Glance configuration in use.
List value expected.
Can be updated without replacement.
List contents:
Optional.
A member ID. This may be a Keystone Project ID or User ID, depending on the Glance configuration in use.
String value expected.
Can be updated without replacement.
min_disk
Amount of disk space (in GB) required to boot image. Default value is 0 if not specified and means no limit on the disk size.
Integer value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.
min_ram
Amount of ram (in MB) required to boot image. Default value is 0 if not specified and means no limit on the ram size.
Integer value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.
name
Name for the image. The name of an image is not unique to a Image Service node.
String value expected.
Updates cause replacement.
os_distro
The common name of the operating system distribution in lowercase.
String value expected.
Can be updated without replacement.
os_version
Operating system version as specified by the distributor.
String value expected.
Can be updated without replacement.
owner
Owner of the image.
String value expected.
Can be updated without replacement.
protected
Whether the image can be deleted. If the value is True, the image is protected and cannot be deleted.
Boolean value expected.
Can be updated without replacement.
Defaults to false
ramdisk_id
ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image.
String value expected.
Can be updated without replacement.
Value must match pattern: ^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$
tags
List of image tags.
List value expected.
Can be updated without replacement.
visibility
Scope of image accessibility.
String value expected.
Can be updated without replacement.
Defaults to "private"
Allowed values: “public”, “private”, “community”, “shared”

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Glance::WebImage
    properties:
      active: Boolean
      architecture: String
      container_format: String
      disk_format: String
      id: String
      kernel_id: String
      location: String
      members: [String, String, ...]
      min_disk: Integer
      min_ram: Integer
      name: String
      os_distro: String
      os_version: String
      owner: String
      protected: Boolean
      ramdisk_id: String
      tags: [Value, Value, ...]
      visibility: String

OS::Heat::AccessPolicy

Resource for defining which resources can be accessed by users.

NOTE: Now this resource is actually associated with an AWS user resource, not any OS:: resource though it is registered under the OS namespace below.

Resource for defining resources that users are allowed to access by the DescribeStackResource API.

Required Properties

AllowedResources
Resources that users are allowed to access by the DescribeStackResource API.
List value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::AccessPolicy
    properties:
      AllowedResources: [Value, Value, ...]

OS::Heat::AutoScalingGroup

Available since 2014.1 (Icehouse)

An autoscaling group that can scale arbitrary resources.

An autoscaling group allows the creation of a desired count of similar resources, which are defined with the resource property in HOT format. If there is a need to create many of the same resources (e.g. one hundred sets of Server, WaitCondition and WaitConditionHandle or even Neutron Nets), AutoScalingGroup is a convenient and easy way to do that.

Required Properties

max_size
Maximum number of resources in the group.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
min_size
Minimum number of resources in the group.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
resource
Resource definition for the resources in the group, in HOT format. The value of this property is the definition of a resource just as if it had been declared in the template itself.
Map value expected.
Can be updated without replacement.

Optional Properties

cooldown
Cooldown period, in seconds.
Integer value expected.
Can be updated without replacement.
desired_capacity
Desired initial number of resources.
Integer value expected.
Can be updated without replacement.
rolling_updates
Policy for rolling updates for this scaling group.
Map value expected.
Can be updated without replacement.
Defaults to {"min_in_service": 0, "max_batch_size": 1, "pause_time": 0}
Map properties:
max_batch_size
Optional.
The maximum number of resources to replace at once.
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be at least 1.
min_in_service
Optional.
The minimum number of resources in service while rolling updates are being executed.
Integer value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.
pause_time
Optional.
The number of seconds to wait between batches of updates.
Number value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.

Attributes

current_size

Available since 2015.1 (Kilo)

The current size of AutoscalingResourceGroup.

outputs

Available since 2014.2 (Juno)

A map of resource names to the specified attribute of each individual resource that is part of the AutoScalingGroup. This map specifies output parameters that are available once the AutoScalingGroup has been instantiated.

outputs_list

Available since 2014.2 (Juno)

A list of the specified attribute of each individual resource that is part of the AutoScalingGroup. This list of attributes is available as an output once the AutoScalingGroup has been instantiated.

refs

Available since 7.0.0 (Newton)

A list of resource IDs for the resources in the group.

refs_map

Available since 7.0.0 (Newton)

A map of resource names to IDs for the resources in the group.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::AutoScalingGroup
    properties:
      cooldown: Integer
      desired_capacity: Integer
      max_size: Integer
      min_size: Integer
      resource: {...}
      rolling_updates: {"min_in_service": Integer, "max_batch_size": Integer, "pause_time": Number}

OS::Heat::CloudConfig

Available since 2014.1 (Icehouse)

A configuration resource for representing cloud-init cloud-config.

This resource allows cloud-config YAML to be defined and stored by the config API. Any intrinsic functions called in the config will be resolved before storing the result.

This resource will generally be referenced by OS::Nova::Server user_data, or OS::Heat::MultipartMime parts config. Since cloud-config is boot-only configuration, any changes to the definition will result in the replacement of all servers which reference it.

Optional Properties

cloud_config
Map representing the cloud-config data structure which will be formatted as YAML.
Map value expected.
Updates cause replacement.

Attributes

config

The config value of the software config.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::CloudConfig
    properties:
      cloud_config: {...}

OS::Heat::Delay

Available since 11.0.0 (Rocky)

A resource that pauses for a configurable delay.

By manipulating the dependency relationships between resources in the template, a delay can be inserted at an arbitrary point during e.g. stack creation or deletion. They delay will occur after any resource that it depends on during CREATE or SUSPEND, and before any resource that it depends on during DELETE or RESUME. Similarly, it will occur before any resource that depends on it during CREATE or SUSPEND, and after any resource thet depends on it during DELETE or RESUME.

If a non-zero maximum jitter is specified, a random amount of jitter - chosen with uniform probability in the range from 0 to the product of the maximum jitter value and the jitter multiplier (1s by default) - is added to the minimum delay time. This can be used, for example, in the scaled unit of a large scaling group to prevent ‘thundering herd’ issues.

Optional Properties

actions
Actions during which the delay will occur.
List value expected.
Can be updated without replacement.
Defaults to ["CREATE"]
Allowed values: “CREATE”, “DELETE”, “SUSPEND”, “RESUME”
jitter_multiplier
Number of seconds to multiply the maximum jitter value by.
Number value expected.
Can be updated without replacement.
Defaults to 1.0
The value must be at least 0.
max_jitter
Maximum jitter to add to the minimum wait time.
Number value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.
min_wait
Minimum time in seconds to wait during the specified actions.
Number value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::Delay
    properties:
      actions: [Value, Value, ...]
      jitter_multiplier: Number
      max_jitter: Number
      min_wait: Number

OS::Heat::DeployedServer

A resource for managing servers that are already deployed.

A DeployedServer resource manages resources for servers that have been deployed externally from OpenStack. These servers can be associated with SoftwareDeployments for further orchestration via Heat.

Optional Properties

deployment_swift_data

Available since 9.0.0 (Pike)

Swift container and object to use for storing deployment data for the server resource. The parameter is a map value with the keys “container” and “object”, and the values are the corresponding container and object names. The software_config_transport parameter must be set to POLL_TEMP_URL for swift to be used. If not specified, and software_config_transport is set to POLL_TEMP_URL, a container will be automatically created from the resource name, and the object name will be a generated uuid.
Map value expected.
Can be updated without replacement.
Defaults to {}
Map properties:
container
Optional.
Name of the container.
String value expected.
Can be updated without replacement.
The length must be at least 1.
object
Optional.
Name of the object.
String value expected.
Can be updated without replacement.
The length must be at least 1.
name
Server name.
String value expected.
Can be updated without replacement.
software_config_transport
How the server should receive the metadata required for software configuration. POLL_SERVER_CFN will allow calls to the cfn API action DescribeStackResource authenticated with the provided keypair. POLL_SERVER_HEAT will allow calls to the Heat API resource-show using the provided keystone credentials. POLL_TEMP_URL will create and populate a Swift TempURL with metadata for polling. ZAQAR_MESSAGE will create a dedicated zaqar queue and post the metadata for polling.
String value expected.
Can be updated without replacement.
Defaults to "POLL_SERVER_CFN"
Allowed values: “POLL_SERVER_CFN”, “POLL_SERVER_HEAT”, “POLL_TEMP_URL”, “ZAQAR_MESSAGE”
metadata

DEPRECATED since 9.0.0 (Pike) - This property will be ignored

Available since 8.0.0 (Ocata)

Arbitrary key/value metadata to store for this server. Both keys and values must be 255 characters or less. Non-string values will be serialized to JSON (and the serialized string must be 255 characters or less).
Map value expected.
Can be updated without replacement.

Attributes

name

Name of the server.

os_collect_config

Available since 9.0.0 (Pike)

The os-collect-config configuration for the server’s local agent to be configured to connect to Heat to retrieve deployment data.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::DeployedServer
    properties:
      deployment_swift_data: {"container": String, "object": String}
      name: String
      software_config_transport: String

OS::Heat::InstanceGroup

An instance group that can scale arbitrary instances.

A resource allowing for the creating number of defined with AWS::AutoScaling::LaunchConfiguration instances. Allows to associate scaled resources with loadbalancer resources.

Required Properties

AvailabilityZones
Not Implemented.
List value expected.
Updates cause replacement.
LaunchConfigurationName
The reference to a LaunchConfiguration resource.
String value expected.
Can be updated without replacement.
Size
Desired number of instances.
Integer value expected.
Can be updated without replacement.

Optional Properties

LoadBalancerNames
List of LoadBalancer resources.
List value expected.
Updates cause replacement.
Tags
Tags to attach to this group.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
Key
Required.
Tag key.
String value expected.
Updates cause replacement.
Value
Required.
Tag value.
String value expected.
Updates cause replacement.

Attributes

InstanceList

A comma-delimited list of server ip addresses. (Heat extension).

show

Detailed information about resource.

update_policy

RollingUpdate
Map value expected.
Updates cause replacement.
Map properties:
MaxBatchSize
Optional.
Integer value expected.
Updates cause replacement.
Defaults to 1
MinInstancesInService
Optional.
Integer value expected.
Updates cause replacement.
Defaults to 0
PauseTime
Optional.
String value expected.
Updates cause replacement.
Defaults to "PT0S"

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::InstanceGroup
    properties:
      AvailabilityZones: [Value, Value, ...]
      LaunchConfigurationName: String
      LoadBalancerNames: [Value, Value, ...]
      Size: Integer
      Tags: [{"Key": String, "Value": String}, {"Key": String, "Value": String}, ...]

OS::Heat::MultipartMime

Available since 2014.1 (Icehouse)

Assembles a collection of software configurations as a multi-part mime.

Parts in the message can be populated with inline configuration or references to other config resources. If the referenced resource is itself a valid multi-part mime message, that will be broken into parts and those parts appended to this message.

The resulting multi-part mime message will be stored by the configs API and can be referenced in properties such as OS::Nova::Server user_data.

This resource is generally used to build a list of cloud-init configuration elements including scripts and cloud-config. Since cloud-init is boot-only configuration, any changes to the definition will result in the replacement of all servers which reference it.

Optional Properties

group

Available since 14.0.0 (Ussuri)

Namespace to group this multi-part configs by when delivered to a server. This may imply what configuration tool is going to perform the configuration.
String value expected.
Updates cause replacement.
Defaults to "Heat::Ungrouped"
parts
Parts belonging to this message.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
config
Required.
Content of part to attach, either inline or by referencing the ID of another software config resource.
String value expected.
Updates cause replacement.
filename
Optional.
Optional filename to associate with part.
String value expected.
Updates cause replacement.
subtype
Optional.
Optional subtype to specify with the type.
String value expected.
Updates cause replacement.
type
Optional.
Whether the part content is text or multipart.
String value expected.
Updates cause replacement.
Defaults to "text"
Allowed values: “text”, “multipart”

Attributes

config

The config value of the software config.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::MultipartMime
    properties:
      group: String
      parts: [{"config": String, "filename": String, "type": String, "subtype": String}, {"config": String, "filename": String, "type": String, "subtype": String}, ...]

OS::Heat::None

Available since 5.0.0 (Liberty)

Enables easily disabling certain resources via the resource_registry.

It does nothing, but can effectively stub out any other resource because it will accept any properties and return any attribute (as None). Note this resource always does nothing on update (e.g it is not replaced even if a change to the stubbed resource properties would cause replacement).

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::None

OS::Heat::RandomString

Available since 2014.1 (Icehouse)

A resource which generates a random string.

This is useful for configuring passwords and secrets on services. Random string can be generated from specified character sequences, which means that all characters will be randomly chosen from specified sequences, or with some classes, e.g. letterdigits, which means that all character will be randomly chosen from union of ascii letters and digits. Output string will be randomly generated string with specified length (or with length of 32, if length property doesn’t specified).

Optional Properties

character_classes
A list of character class and their constraints to generate the random string from.
List value expected.
Updates cause replacement.
Defaults to [{"class": "lettersdigits", "min": 1}]
List contents:
Map value expected.
Updates cause replacement.
Map properties:
class
Optional.
A character class and its corresponding min constraint to generate the random string from.
String value expected.
Updates cause replacement.
Defaults to "lettersdigits"
Allowed values: “lettersdigits”, “letters”, “lowercase”, “uppercase”, “digits”, “hexdigits”, “octdigits”
min
Optional.
The minimum number of characters from this character class that will be in the generated string.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be in the range 1 to 512.
character_sequences
A list of character sequences and their constraints to generate the random string from.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
min
Optional.
The minimum number of characters from this sequence that will be in the generated string.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be in the range 1 to 512.
sequence
Required.
A character sequence and its corresponding min constraint to generate the random string from.
String value expected.
Updates cause replacement.
length
Length of the string to generate.
Integer value expected.
Updates cause replacement.
Defaults to 32
The value must be in the range 1 to 512.
salt
Value which can be set or changed on stack update to trigger the resource for replacement with a new random string. The salt value itself is ignored by the random generator.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

value

The random string generated by this resource. This value is also available by referencing the resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::RandomString
    properties:
      character_classes: [{"class": String, "min": Integer}, {"class": String, "min": Integer}, ...]
      character_sequences: [{"sequence": String, "min": Integer}, {"sequence": String, "min": Integer}, ...]
      length: Integer
      salt: String

OS::Heat::ResourceChain

Available since 6.0.0 (Mitaka)

Creates one or more resources with the same configuration.

The types of resources to be created are passed into the chain through the resources property. One resource will be created for each type listed. Each is passed the configuration specified under resource_properties.

The concurrent property controls if the resources will be created concurrently. If omitted or set to false, each resource will be treated as having a dependency on the resource before it in the list.

Required Properties

resources
The list of resource types to create. This list may contain type names or aliases defined in the resource registry. Specific template names are not supported.
List value expected.
Can be updated without replacement.

Optional Properties

concurrent
If true, the resources in the chain will be created concurrently. If false or omitted, each resource will be treated as having a dependency on the previous resource in the list.
Boolean value expected.
Updates cause replacement.
Defaults to false
resource_properties
Properties to pass to each resource being created in the chain.
Map value expected.
Updates cause replacement.

Attributes

attributes

A map of resource names to the specified attribute of each individual resource.

refs

A list of resource IDs for the resources in the chain.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::ResourceChain
    properties:
      concurrent: Boolean
      resource_properties: {...}
      resources: [Value, Value, ...]

OS::Heat::ResourceGroup

Available since 2014.1 (Icehouse)

Creates one or more identically configured nested resources.

In addition to the refs attribute, this resource implements synthetic attributes that mirror those of the resources in the group. When getting an attribute from this resource, however, a list of attribute values for each resource in the group is returned. To get attribute values for a single resource in the group, synthetic attributes of the form resource.{resource index}.{attribute name} can be used. The resource ID of a particular resource in the group can be obtained via the synthetic attribute resource.{resource index}. Note, that if you get attribute without {resource index}, e.g. [resource, {attribute_name}], you’ll get a list of this attribute’s value for all resources in group.

While each resource in the group will be identically configured, this resource does allow for some index-based customization of the properties of the resources in the group. For example:

resources:
  my_indexed_group:
    type: OS::Heat::ResourceGroup
    properties:
      count: 3
      resource_def:
        type: OS::Nova::Server
        properties:
          # create a unique name for each server
          # using its index in the group
          name: my_server_%index%
          image: CentOS 6.5
          flavor: 4GB Performance

would result in a group of three servers having the same image and flavor, but names of my_server_0, my_server_1, and my_server_2. The variable used for substitution can be customized by using the index_var property.

Required Properties

resource_def
Resource definition for the resources in the group. The value of this property is the definition of a resource just as if it had been declared in the template itself.
Map value expected.
Can be updated without replacement.
Map properties:
metadata

Available since 5.0.0 (Liberty)

Supplied metadata for the resources in the group.
Map value expected.
Can be updated without replacement.
properties
Property values for the resources in the group.
Map value expected.
Can be updated without replacement.
type
Required.
The type of the resources in the group.
String value expected.
Can be updated without replacement.

Optional Properties

count
The number of resources to create.
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be at least 0.
index_var

Available since 2014.2 (Juno)

A variable that this resource will use to replace with the current index of a given resource in the group. Can be used, for example, to customize the name property of grouped servers in order to differentiate them when listed with nova client.
String value expected.
Updates cause replacement.
Defaults to "%index%"
The length must be at least 3.
removal_policies

Available since 2015.1 (Kilo)

Policies for removal of resources on update.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Policy to be processed when doing an update which requires removal of specific resources.
Map value expected.
Can be updated without replacement.
Map properties:
resource_list
List of resources to be removed when doing an update which requires removal of specific resources. The resource may be specified several ways: (1) The resource name, as in the nested stack, (2) The resource reference returned from get_resource in a template, as available via the ‘refs’ attribute. Note this is destructive on update when specified; even if the count is not being reduced, and once a resource name is removed, its name is never reused in subsequent updates.
List value expected.
Can be updated without replacement.
Defaults to []
removal_policies_mode

Available since 10.0.0 (Queens)

How to handle changes to removal_policies on update. The default “append” mode appends to the internal list, “update” replaces it on update.
String value expected.
Can be updated without replacement.
Defaults to "append"
Allowed values: “append”, “update”

Attributes

attributes

Available since 2014.2 (Juno)

A map of resource names to the specified attribute of each individual resource. Requires heat_template_version: 2014-10-16.

refs

A list of resource IDs for the resources in the group.

refs_map

Available since 7.0.0 (Newton)

A map of resource names to IDs for the resources in the group.

removed_rsrc_list

Available since 7.0.0 (Newton)

A list of removed resource names.

show

Detailed information about resource.

update_policy

batch_create

Available since 5.0.0 (Liberty)

Map value expected.
Updates cause replacement.
Map properties:
max_batch_size
Optional.
The maximum number of resources to create at once.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be at least 1.
pause_time
Optional.
The number of seconds to wait between batches.
Number value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.
rolling_update

Available since 5.0.0 (Liberty)

Map value expected.
Updates cause replacement.
Map properties:
max_batch_size
Optional.
The maximum number of resources to replace at once.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be at least 1.
min_in_service
Optional.
The minimum number of resources in service while rolling updates are being executed.
Integer value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.
pause_time
Optional.
The number of seconds to wait between batches of updates.
Number value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::ResourceGroup
    properties:
      count: Integer
      index_var: String
      removal_policies: [{"resource_list": [Value, Value, ...]}, {"resource_list": [Value, Value, ...]}, ...]
      removal_policies_mode: String
      resource_def: {"type": String, "properties": {...}, "metadata": {...}}

OS::Heat::ScalingPolicy

A resource to manage scaling of OS::Heat::AutoScalingGroup.

Note while it may incidentally support AWS::AutoScaling::AutoScalingGroup for now, please don’t use it for that purpose and use AWS::AutoScaling::ScalingPolicy instead.

Resource to manage scaling for OS::Heat::AutoScalingGroup, i.e. define which metric should be scaled and scaling adjustment, set cooldown etc.

Required Properties

adjustment_type
Type of adjustment (absolute or percentage).
String value expected.
Can be updated without replacement.
Allowed values: “change_in_capacity”, “exact_capacity”, “percent_change_in_capacity”
auto_scaling_group_id
AutoScaling group ID to apply policy to.
String value expected.
Updates cause replacement.
scaling_adjustment
Size of adjustment.
Number value expected.
Can be updated without replacement.

Optional Properties

cooldown
Cooldown period, in seconds.
Number value expected.
Can be updated without replacement.
min_adjustment_step
Minimum number of resources that are added or removed when the AutoScaling group scales up or down. This can be used only when specifying percent_change_in_capacity for the adjustment_type property.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.

Attributes

alarm_url

A signed url to handle the alarm.

show

Detailed information about resource.

signal_url

Available since 5.0.0 (Liberty)

A url to handle the alarm using native API.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::ScalingPolicy
    properties:
      adjustment_type: String
      auto_scaling_group_id: String
      cooldown: Number
      min_adjustment_step: Integer
      scaling_adjustment: Number

OS::Heat::SoftwareComponent

Available since 2014.2 (Juno)

A resource for describing and storing a software component.

This resource is similar to OS::Heat::SoftwareConfig. In contrast to SoftwareConfig which allows for storing only one configuration (e.g. one script), SoftwareComponent allows for storing multiple configurations to address handling of all lifecycle hooks (CREATE, UPDATE, SUSPEND, RESUME, DELETE) for a software component in one place.

This resource is backed by the persistence layer and the API of the SoftwareConfig resource, and only adds handling for the additional ‘configs’ property and attribute.

Required Properties

configs
The list of configurations for the different lifecycle actions of the represented software component.
List value expected.
Updates cause replacement.
The length must be at least 1.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
actions
Lifecycle actions to which the configuration applies. The string values provided for this property can include the standard resource actions CREATE, DELETE, UPDATE, SUSPEND and RESUME supported by Heat.
List value expected.
Updates cause replacement.
Defaults to ["CREATE", "UPDATE"]
The length must be at least 1.
List contents:
Optional.
String value expected.
Updates cause replacement.
config
Optional.
Configuration script or manifest which specifies what actual configuration is performed.
String value expected.
Updates cause replacement.
tool
Required.
The configuration tool used to actually apply the configuration on a server. This string property has to be understood by in-instance tools running inside deployed servers.
String value expected.
Updates cause replacement.

Optional Properties

inputs
Schema representing the inputs that this software config is expecting.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
default
Optional.
Default value for the input if none is specified.
Any value expected.
Updates cause replacement.
description
Optional.
Description of the input.
String value expected.
Updates cause replacement.
name
Required.
Name of the input.
String value expected.
Updates cause replacement.
replace_on_change
Optional.
Replace the deployment instead of updating it when the input value changes.
Boolean value expected.
Updates cause replacement.
Defaults to false
type
Optional.
Type of the value of the input.
String value expected.
Updates cause replacement.
Defaults to "String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
options
Map containing options specific to the configuration management tool used by this resource.
Map value expected.
Updates cause replacement.
outputs
Schema representing the outputs that this software config will produce.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description of the output.
String value expected.
Updates cause replacement.
error_output
Optional.
Denotes that the deployment is in an error state if this output has a value.
Boolean value expected.
Updates cause replacement.
Defaults to false
name
Required.
Name of the output.
String value expected.
Updates cause replacement.
type
Optional.
Type of the value of the output.
String value expected.
Updates cause replacement.
Defaults to "String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”

Attributes

config

The config value of the software config.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::SoftwareComponent
    properties:
      configs: [{"actions": [String, String, ...], "config": String, "tool": String}, {"actions": [String, String, ...], "config": String, "tool": String}, ...]
      inputs: [{"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, {"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, ...]
      options: {...}
      outputs: [{"name": String, "description": String, "type": String, "error_output": Boolean}, {"name": String, "description": String, "type": String, "error_output": Boolean}, ...]

OS::Heat::SoftwareConfig

Available since 2014.1 (Icehouse)

A resource for describing and storing software configuration.

The software_configs API which backs this resource creates immutable configs, so any change to the template resource definition will result in a new config being created, and the old one being deleted.

Configs can be defined in the same template which uses them, or they can be created in one stack, and passed to another stack via a parameter.

A config resource can be referenced in other resource properties which are config-aware. This includes the properties OS::Nova::Server user_data, OS::Heat::SoftwareDeployment config and OS::Heat::MultipartMime parts config.

Along with the config script itself, this resource can define schemas for inputs and outputs which the config script is expected to consume and produce. Inputs and outputs are optional and will map to concepts which are specific to the configuration tool being used.

Optional Properties

config
Configuration script or manifest which specifies what actual configuration is performed.
String value expected.
Updates cause replacement.
group
Namespace to group this software config by when delivered to a server. This may imply what configuration tool is going to perform the configuration.
String value expected.
Updates cause replacement.
Defaults to "Heat::Ungrouped"
inputs
Schema representing the inputs that this software config is expecting.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
default
Optional.
Default value for the input if none is specified.
Any value expected.
Updates cause replacement.
description
Optional.
Description of the input.
String value expected.
Updates cause replacement.
name
Required.
Name of the input.
String value expected.
Updates cause replacement.
replace_on_change
Optional.
Replace the deployment instead of updating it when the input value changes.
Boolean value expected.
Updates cause replacement.
Defaults to false
type
Optional.
Type of the value of the input.
String value expected.
Updates cause replacement.
Defaults to "String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
options
Map containing options specific to the configuration management tool used by this resource.
Map value expected.
Updates cause replacement.
outputs
Schema representing the outputs that this software config will produce.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description of the output.
String value expected.
Updates cause replacement.
error_output
Optional.
Denotes that the deployment is in an error state if this output has a value.
Boolean value expected.
Updates cause replacement.
Defaults to false
name
Required.
Name of the output.
String value expected.
Updates cause replacement.
type
Optional.
Type of the value of the output.
String value expected.
Updates cause replacement.
Defaults to "String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”

Attributes

config

The config value of the software config.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::SoftwareConfig
    properties:
      config: String
      group: String
      inputs: [{"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, {"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, ...]
      options: {...}
      outputs: [{"name": String, "description": String, "type": String, "error_output": Boolean}, {"name": String, "description": String, "type": String, "error_output": Boolean}, ...]

OS::Heat::SoftwareDeployment

Available since 2014.1 (Icehouse)

This resource associates a server with some configuration.

The configuration is to be deployed to that server.

A deployment allows input values to be specified which map to the inputs schema defined in the config resource. These input values are interpreted by the configuration tool in a tool-specific manner.

Whenever this resource goes to an IN_PROGRESS state, it creates an ephemeral config that includes the inputs values plus a number of extra inputs which have names prefixed with deploy_. The extra inputs relate to the current state of the stack, along with the information and credentials required to signal back the deployment results.

Unless signal_transport=NO_SIGNAL, this resource will remain in an IN_PROGRESS state until the server signals it with the output values for that deployment. Those output values are then available as resource attributes, along with the default attributes deploy_stdout, deploy_stderr and deploy_status_code.

Specifying actions other than the default CREATE and UPDATE will result in the deployment being triggered in those actions. For example this would allow cleanup configuration to be performed during actions SUSPEND and DELETE. A config could be designed to only work with some specific actions, or a config can read the value of the deploy_action input to allow conditional logic to perform different configuration for different actions.

Required Properties

server
ID of resource to apply configuration to. Normally this should be a Nova server ID.
String value expected.
Updates cause replacement.

Optional Properties

actions
Which lifecycle actions of the deployment resource will result in this deployment being triggered.
List value expected.
Can be updated without replacement.
Defaults to ["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME”
config
ID of software configuration resource to execute when applying to the server.
String value expected.
Can be updated without replacement.
input_values
Input values to apply to the software configuration on this server.
Map value expected.
Can be updated without replacement.
name
Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.
String value expected.
Can be updated without replacement.
signal_transport
How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.
String value expected.
Updates cause replacement.
Defaults to "CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”

Attributes

deploy_status_code

Returned status code from the configuration execution.

deploy_stderr

Captured stderr from the configuration execution.

deploy_stdout

Captured stdout from the configuration execution.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::SoftwareDeployment
    properties:
      actions: [Value, Value, ...]
      config: String
      input_values: {...}
      name: String
      server: String
      signal_transport: String

OS::Heat::SoftwareDeploymentGroup

Available since 5.0.0 (Liberty)

This resource associates a group of servers with some configuration.

The configuration is to be deployed to all servers in the group.

The properties work in a similar way to OS::Heat::SoftwareDeployment, and in addition to the attributes documented, you may pass any attribute supported by OS::Heat::SoftwareDeployment, including those exposing arbitrary outputs, and return a map of deployment names to the specified attribute.

Required Properties

servers
A map of names and server IDs to apply configuration to. The name is arbitrary and is used as the Heat resource name for the corresponding deployment.
Map value expected.
Can be updated without replacement.

Optional Properties

actions
Which lifecycle actions of the deployment resource will result in this deployment being triggered.
List value expected.
Can be updated without replacement.
Defaults to ["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME”
config
ID of software configuration resource to execute when applying to the server.
String value expected.
Can be updated without replacement.
input_values
Input values to apply to the software configuration on this server.
Map value expected.
Can be updated without replacement.
name
Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.
String value expected.
Can be updated without replacement.
signal_transport
How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.
String value expected.
Updates cause replacement.
Defaults to "CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”

Attributes

deploy_status_codes

A map of Nova names and returned status code from the configuration execution.

deploy_stderrs

A map of Nova names and captured stderrs from the configuration execution to each server.

deploy_stdouts

A map of Nova names and captured stdouts from the configuration execution to each server.

show

Detailed information about resource.

update_policy

batch_create

Available since 7.0.0 (Newton)

Map value expected.
Updates cause replacement.
Map properties:
max_batch_size
Optional.
The maximum number of resources to create at once.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be at least 1.
pause_time
Optional.
The number of seconds to wait between batches.
Number value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.
rolling_update

Available since 7.0.0 (Newton)

Map value expected.
Updates cause replacement.
Map properties:
max_batch_size
Optional.
The maximum number of deployments to replace at once.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be at least 1.
pause_time
Optional.
The number of seconds to wait between batches of updates.
Number value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::SoftwareDeploymentGroup
    properties:
      actions: [Value, Value, ...]
      config: String
      input_values: {...}
      name: String
      servers: {...}
      signal_transport: String

OS::Heat::Stack

A Resource representing a stack.

A resource that allowing for the creating stack, where should be defined stack template in HOT format, parameters (if template has any parameters with no default value), and timeout of creating. After creating current stack will have remote stack.

Required Properties

template
Template that specifies the stack to be created as a resource.
String value expected.
Can be updated without replacement.

Optional Properties

context
Context for this stack.
Map value expected.
Can be updated without replacement.
Map properties:
ca_cert

Available since 12.0.0 (Stein)

Optional.
CA Cert for SSL.
String value expected.
Can be updated without replacement.
credential_secret_id

Available since 12.0.0 (Stein)

Optional.
A Barbican secret ID. The Barbican secret should contain an OpenStack credential that can be used to access a remote cloud.
String value expected.
Can be updated without replacement.
insecure

Available since 12.0.0 (Stein)

Optional.
If set, then the server’s certificate will not be verified.
Boolean value expected.
Can be updated without replacement.
Defaults to false
region_name
Optional.
Region name in which this stack will be created.
String value expected.
Can be updated without replacement.
parameters
Set of parameters passed to this stack.
Map value expected.
Can be updated without replacement.
Defaults to {}
timeout
Number of minutes to wait for this stack creation.
Integer value expected.
Can be updated without replacement.

Attributes

outputs

A dict of key-value pairs output from the stack.

show

Detailed information about resource.

stack_name

Name of the stack.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::Stack
    properties:
      context: {"region_name": String, "credential_secret_id": String, "ca_cert": String, "insecure": Boolean}
      parameters: {...}
      template: String
      timeout: Integer

OS::Heat::StructuredConfig

Available since 2014.1 (Icehouse)

A resource which has same logic with OS::Heat::SoftwareConfig.

This resource is like OS::Heat::SoftwareConfig except that the config property is represented by a Map rather than a String.

This is useful for configuration tools which use YAML or JSON as their configuration syntax. The resulting configuration is transferred, stored and returned by the software_configs API as parsed JSON.

Optional Properties

config
Map representing the configuration data structure which will be serialized to JSON format.
Map value expected.
Updates cause replacement.
group
Namespace to group this software config by when delivered to a server. This may imply what configuration tool is going to perform the configuration.
String value expected.
Updates cause replacement.
Defaults to "Heat::Ungrouped"
inputs
Schema representing the inputs that this software config is expecting.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
default
Optional.
Default value for the input if none is specified.
Any value expected.
Updates cause replacement.
description
Optional.
Description of the input.
String value expected.
Updates cause replacement.
name
Required.
Name of the input.
String value expected.
Updates cause replacement.
replace_on_change
Optional.
Replace the deployment instead of updating it when the input value changes.
Boolean value expected.
Updates cause replacement.
Defaults to false
type
Optional.
Type of the value of the input.
String value expected.
Updates cause replacement.
Defaults to "String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
options
Map containing options specific to the configuration management tool used by this resource.
Map value expected.
Updates cause replacement.
outputs
Schema representing the outputs that this software config will produce.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
description
Optional.
Description of the output.
String value expected.
Updates cause replacement.
error_output
Optional.
Denotes that the deployment is in an error state if this output has a value.
Boolean value expected.
Updates cause replacement.
Defaults to false
name
Required.
Name of the output.
String value expected.
Updates cause replacement.
type
Optional.
Type of the value of the output.
String value expected.
Updates cause replacement.
Defaults to "String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”

Attributes

config

The config value of the software config.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::StructuredConfig
    properties:
      config: {...}
      group: String
      inputs: [{"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, {"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, ...]
      options: {...}
      outputs: [{"name": String, "description": String, "type": String, "error_output": Boolean}, {"name": String, "description": String, "type": String, "error_output": Boolean}, ...]

OS::Heat::StructuredDeployment

Available since 2014.1 (Icehouse)

A resource which has same logic with OS::Heat::SoftwareDeployment.

A deployment resource like OS::Heat::SoftwareDeployment, but which performs input value substitution on the config defined by a OS::Heat::StructuredConfig resource.

Some configuration tools have no concept of inputs, so the input value substitution needs to occur in the deployment resource. An example of this is the JSON metadata consumed by the cfn-init tool.

Where the config contains {get_input: input_name} this will be substituted with the value of input_name in this resource’s input_values. If get_input needs to be passed through to the substituted configuration then a different input_key property value can be specified.

Required Properties

server
ID of resource to apply configuration to. Normally this should be a Nova server ID.
String value expected.
Updates cause replacement.

Optional Properties

actions
Which lifecycle actions of the deployment resource will result in this deployment being triggered.
List value expected.
Can be updated without replacement.
Defaults to ["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME”
config
ID of software configuration resource to execute when applying to the server.
String value expected.
Can be updated without replacement.
input_key
Name of key to use for substituting inputs during deployment.
String value expected.
Updates cause replacement.
Defaults to "get_input"
input_values
Input values to apply to the software configuration on this server.
Map value expected.
Can be updated without replacement.
input_values_validate
Perform a check on the input values passed to verify that each required input has a corresponding value. When the property is set to STRICT and no value is passed, an exception is raised.
String value expected.
Updates cause replacement.
Defaults to "LAX"
Allowed values: “LAX”, “STRICT”
name
Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.
String value expected.
Can be updated without replacement.
signal_transport
How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.
String value expected.
Updates cause replacement.
Defaults to "CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”

Attributes

deploy_status_code

Returned status code from the configuration execution.

deploy_stderr

Captured stderr from the configuration execution.

deploy_stdout

Captured stdout from the configuration execution.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::StructuredDeployment
    properties:
      actions: [Value, Value, ...]
      config: String
      input_key: String
      input_values: {...}
      input_values_validate: String
      name: String
      server: String
      signal_transport: String

OS::Heat::StructuredDeploymentGroup

Available since 5.0.0 (Liberty)

This resource associates a group of servers with some configuration.

This resource works similar as OS::Heat::SoftwareDeploymentGroup, but for structured resources.

Required Properties

servers
A map of names and server IDs to apply configuration to. The name is arbitrary and is used as the Heat resource name for the corresponding deployment.
Map value expected.
Can be updated without replacement.

Optional Properties

actions
Which lifecycle actions of the deployment resource will result in this deployment being triggered.
List value expected.
Can be updated without replacement.
Defaults to ["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME”
config
ID of software configuration resource to execute when applying to the server.
String value expected.
Can be updated without replacement.
input_key
Name of key to use for substituting inputs during deployment.
String value expected.
Updates cause replacement.
Defaults to "get_input"
input_values
Input values to apply to the software configuration on this server.
Map value expected.
Can be updated without replacement.
input_values_validate
Perform a check on the input values passed to verify that each required input has a corresponding value. When the property is set to STRICT and no value is passed, an exception is raised.
String value expected.
Updates cause replacement.
Defaults to "LAX"
Allowed values: “LAX”, “STRICT”
name
Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.
String value expected.
Can be updated without replacement.
signal_transport
How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.
String value expected.
Updates cause replacement.
Defaults to "CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”

Attributes

deploy_status_codes

A map of Nova names and returned status code from the configuration execution.

deploy_stderrs

A map of Nova names and captured stderrs from the configuration execution to each server.

deploy_stdouts

A map of Nova names and captured stdouts from the configuration execution to each server.

show

Detailed information about resource.

update_policy

batch_create

Available since 7.0.0 (Newton)

Map value expected.
Updates cause replacement.
Map properties:
max_batch_size
Optional.
The maximum number of resources to create at once.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be at least 1.
pause_time
Optional.
The number of seconds to wait between batches.
Number value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.
rolling_update

Available since 7.0.0 (Newton)

Map value expected.
Updates cause replacement.
Map properties:
max_batch_size
Optional.
The maximum number of deployments to replace at once.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be at least 1.
pause_time
Optional.
The number of seconds to wait between batches of updates.
Number value expected.
Updates cause replacement.
Defaults to 0
The value must be at least 0.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::StructuredDeploymentGroup
    properties:
      actions: [Value, Value, ...]
      config: String
      input_key: String
      input_values: {...}
      input_values_validate: String
      name: String
      servers: {...}
      signal_transport: String

OS::Heat::SwiftSignal

Available since 2014.2 (Juno)

Resource for handling signals received by SwiftSignalHandle.

This resource handles signals received by SwiftSignalHandle and is same as WaitCondition resource.

Required Properties

handle
URL of TempURL where resource will signal completion and optionally upload data.
String value expected.
Updates cause replacement.
timeout
The maximum number of seconds to wait for the resource to signal completion. Once the timeout is reached, creation of the signal resource will fail.
Number value expected.
Updates cause replacement.
The value must be in the range 1 to 43200.

Optional Properties

count
The number of success signals that must be received before the stack creation process continues.
Integer value expected.
Updates cause replacement.
Defaults to 1
The value must be in the range 1 to 1000.

Attributes

data

JSON data that was uploaded via the SwiftSignalHandle.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::SwiftSignal
    properties:
      count: Integer
      handle: String
      timeout: Number

OS::Heat::SwiftSignalHandle

Available since 2014.2 (Juno)

Resource for managing signals from Swift resources.

This resource is same as WaitConditionHandle, but designed for using by Swift resources.

Attributes

curl_cli

Convenience attribute, provides curl CLI command prefix, which can be used for signalling handle completion or failure. You can signal success by adding –data-binary ‘{“status”: “SUCCESS”}’ , or signal failure by adding –data-binary ‘{“status”: “FAILURE”}’.

endpoint

Endpoint/url which can be used for signalling handle.

show

Detailed information about resource.

token

Tokens are not needed for Swift TempURLs. This attribute is being kept for compatibility with the OS::Heat::WaitConditionHandle resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::SwiftSignalHandle

OS::Heat::TestResource

Available since 5.0.0 (Liberty)

A resource which stores the string value that was provided.

This resource is to be used only for testing. It has control knobs such as ‘update_replace’, ‘fail’, ‘wait_secs’.

Optional Properties

action_wait_secs
Options for simulating waiting.
Map value expected.
Can be updated without replacement.
Map properties:
create
Optional.
Seconds to wait after a create. Defaults to the global wait_secs.
Number value expected.
Can be updated without replacement.
delete
Optional.
Seconds to wait after a delete. Defaults to the global wait_secs.
Number value expected.
Can be updated without replacement.
update
Optional.
Seconds to wait after an update. Defaults to the global wait_secs.
Number value expected.
Can be updated without replacement.
attr_wait_secs

Available since 6.0.0 (Mitaka)

Number value for timeout during resolving output value.
Number value expected.
Can be updated without replacement.
Defaults to 0
client_name
Client to poll.
String value expected.
Can be updated without replacement.
Defaults to ""
constraint_prop_secs

Available since 6.0.0 (Mitaka)

Number value for delay during resolve constraint.
Number value expected.
Can be updated without replacement.
Defaults to 0
Value must be of type test_constr
entity_name
Client entity to poll.
String value expected.
Can be updated without replacement.
Defaults to ""
fail
Value which can be set to fail the resource operation to test failure scenarios.
Boolean value expected.
Can be updated without replacement.
Defaults to false
update_replace
Value which can be set to trigger update replace for the particular resource.
Boolean value expected.
Can be updated without replacement.
Defaults to false
update_replace_value

Available since 7.0.0 (Newton)

Some value that can be stored but can not be updated.
String value expected.
Updates cause replacement.
value
The input string to be stored.
String value expected.
Can be updated without replacement.
Defaults to "test_string"
wait_secs
Seconds to wait after an action (-1 is infinite).
Number value expected.
Can be updated without replacement.
Defaults to 0

Attributes

output

The string that was stored. This value is also available by referencing the resource.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::TestResource
    properties:
      action_wait_secs: {"create": Number, "update": Number, "delete": Number}
      attr_wait_secs: Number
      client_name: String
      constraint_prop_secs: Number
      entity_name: String
      fail: Boolean
      update_replace: Boolean
      update_replace_value: String
      value: String
      wait_secs: Number

OS::Heat::UpdateWaitConditionHandle

Available since 2014.1 (Icehouse)

WaitConditionHandle that clears signals and changes handle on update.

This works similarly to an AWS::CloudFormation::WaitConditionHandle, except that on update it clears all signals received and changes the handle. Using this handle means that you must setup the signal senders to send their signals again any time the update handle changes. This allows us to roll out new configurations and be confident that they are rolled out once UPDATE COMPLETE is reached.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::UpdateWaitConditionHandle

OS::Heat::Value

Available since 7.0.0 (Newton)

A resource which exposes its value property as an attribute.

This is useful for exposing a value that is a simple manipulation of other template parameters and/or other resources.

Required Properties

value
The expression to generate the “value” attribute.
Any value expected.
Can be updated without replacement.

Optional Properties

type
The type of the “value” property.
String value expected.
Can be updated without replacement.
Allowed values: “string”, “number”, “comma_delimited_list”, “json”, “boolean”

Attributes

show

Detailed information about resource.

value

The value generated by this resource’s properties “value” expression, with type determined from the properties “type”.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::Value
    properties:
      type: String
      value: Any

OS::Heat::WaitCondition

Available since 2014.2 (Juno)

Resource for handling signals received by WaitConditionHandle.

Resource takes WaitConditionHandle and starts to create. Resource is in CREATE_IN_PROGRESS status until WaitConditionHandle doesn’t receive sufficient number of successful signals (this number can be specified with count property) and successfully creates after that, or fails due to timeout.

Required Properties

handle
A reference to the wait condition handle used to signal this wait condition.
String value expected.
Updates cause replacement.
timeout
The number of seconds to wait for the correct number of signals to arrive.
Number value expected.
Updates cause replacement.
The value must be in the range 1 to 43200.

Optional Properties

count
The number of success signals that must be received before the stack creation process continues.
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be at least 1.

Attributes

data

JSON string containing data associated with wait condition signals sent to the handle.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::WaitCondition
    properties:
      count: Integer
      handle: String
      timeout: Number

OS::Heat::WaitConditionHandle

Available since 2014.2 (Juno)

Resource for managing instance signals.

The main points of this resource are:
  • have no dependencies (so the instance can reference it).

  • create credentials to allow for signalling from the instance.

  • handle signals from the instance, validate and store result.

Optional Properties

signal_transport

Available since 6.0.0 (Mitaka)

How the client will signal the wait condition. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signalled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signalled using the provided keystone credentials. TOKEN_SIGNAL will allow and HTTP POST to a Heat API endpoint with the provided keystone token. NO_SIGNAL will result in the resource going to a signalled state without waiting for any signal.
String value expected.
Updates cause replacement.
Defaults to "TOKEN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”, “TOKEN_SIGNAL”

Attributes

curl_cli

Convenience attribute, provides curl CLI command prefix, which can be used for signalling handle completion or failure when signal_transport is set to TOKEN_SIGNAL. You can signal success by adding –data-binary ‘{“status”: “SUCCESS”}’ , or signal failure by adding –data-binary ‘{“status”: “FAILURE”}’. This attribute is set to None for all other signal transports.

endpoint

Endpoint/url which can be used for signalling handle when signal_transport is set to TOKEN_SIGNAL. None for all other signal transports.

show

Detailed information about resource.

signal

JSON serialized map that includes the endpoint, token and/or other attributes the client must use for signalling this handle. The contents of this map depend on the type of signal selected in the signal_transport property.

token

Token for stack-user which can be used for signalling handle when signal_transport is set to TOKEN_SIGNAL. None for all other signal transports.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Heat::WaitConditionHandle
    properties:
      signal_transport: String

OS::Ironic::Port

Available since 13.0.0 (Train)

A resource that creates a ironic port.

Node UUID and physical hardware address for the Port (MAC address in most cases) are needed (all Ports must be associated to a Node when created).

Required Properties

address
Physical hardware address of this network Port, typically the hardware MAC address.
String value expected.
Can be updated without replacement.
node
UUID or name of the Node this resource belongs to.
String value expected.
Can be updated without replacement.
Value must be of type ironic.node

Optional Properties

extra
A set of one or more arbitrary metadata key and value pairs.
Map value expected.
Can be updated without replacement.
is_smartnic
Indicates whether the Port is a Smart NIC port.
Boolean value expected.
Can be updated without replacement.
physical_network
The name of the physical network to which a port is connected. May be empty.
String value expected.
Can be updated without replacement.
portgroup
UUID or name of the Portgroup this resource belongs to.
String value expected.
Can be updated without replacement.
Value must be of type ironic.portgroup
pxe_enabled
Indicates whether PXE is enabled or disabled on the Port.
Boolean value expected.
Can be updated without replacement.

Attributes

address

Physical hardware address of this network Port, typically the hardware MAC address.

extra

A set of one or more arbitrary metadata key and value pairs.

internal_info

Internal metadata set and stored by the Port. This field is read-only.

is_smartnic

Indicates whether the Port is a Smart NIC port.

node_uuid

UUID of the Node this resource belongs to.

physical_network

The name of the physical network to which a port is connected. May be empty.

portgroup_uuid

UUID of the Portgroup this resource belongs to.

pxe_enabled

Indicates whether PXE is enabled or disabled on the Port.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Ironic::Port
    properties:
      address: String
      extra: {...}
      is_smartnic: Boolean
      local_link_connection: {...}
      node: String
      physical_network: String
      portgroup: String
      pxe_enabled: Boolean

OS::Keystone::Domain

Available since 8.0.0 (Ocata) - Supported versions: keystone v3

Heat Template Resource for Keystone Domain.

This plug-in helps to create, update and delete a keystone domain. Also it can be used for enable or disable a given keystone domain.

Optional Properties

description
Description of keystone domain.
String value expected.
Can be updated without replacement.
enabled
This domain is enabled or disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
name
The name of the domain.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Domain
    properties:
      description: String
      enabled: Boolean
      name: String

OS::Keystone::Endpoint

Available since 5.0.0 (Liberty) - Supported versions: keystone v3

Heat Template Resource for Keystone Service Endpoint.

Keystone endpoint is just the URL that can be used for accessing a service within OpenStack. Endpoint can be accessed by admin, by services or public, i.e. everyone can use this endpoint.

Required Properties

interface
Interface type of keystone service endpoint.
String value expected.
Can be updated without replacement.
Allowed values: “public”, “internal”, “admin”
service
Name or Id of keystone service.
String value expected.
Can be updated without replacement.
Value must be of type keystone.service
url
URL of keystone service endpoint.
String value expected.
Can be updated without replacement.

Optional Properties

enabled

Available since 6.0.0 (Mitaka)

This endpoint is enabled or disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
name
Name of keystone endpoint.
String value expected.
Can be updated without replacement.
region
Name or Id of keystone region.
String value expected.
Can be updated without replacement.
Value must be of type keystone.region

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Endpoint
    properties:
      enabled: Boolean
      interface: String
      name: String
      region: String
      service: String
      url: String

OS::Keystone::Group

Available since 2015.1 (Kilo) - Supported versions: keystone v3

Heat Template Resource for Keystone Group.

Groups are a container representing a collection of users. A group itself must be owned by a specific domain, and hence all group names are not globally unique, but only unique to their domain.

Optional Properties

description
Description of keystone group.
String value expected.
Can be updated without replacement.
Defaults to ""
domain
Name or id of keystone domain.
String value expected.
Can be updated without replacement.
Defaults to "default"
Value must be of type keystone.domain
name
Name of keystone group.
String value expected.
Can be updated without replacement.
roles
List of role assignments.
List value expected.
Can be updated without replacement.
List contents:
Map between role with either project or domain.
Map value expected.
Can be updated without replacement.
Map properties:
domain
Optional.
Keystone domain.
String value expected.
Can be updated without replacement.
Value must be of type keystone.domain
project
Optional.
Keystone project.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project
role
Required.
Keystone role.
String value expected.
Can be updated without replacement.
Value must be of type keystone.role

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Group
    properties:
      description: String
      domain: String
      name: String
      roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]

OS::Keystone::GroupRoleAssignment

Available since 5.0.0 (Liberty) - Supported versions: keystone v3

Resource for granting roles to a group.

Resource for specifying groups and their’s roles.

Required Properties

group
Name or id of keystone group.
String value expected.
Can be updated without replacement.
Value must be of type keystone.group

Optional Properties

roles
List of role assignments.
List value expected.
Can be updated without replacement.
List contents:
Map between role with either project or domain.
Map value expected.
Can be updated without replacement.
Map properties:
domain
Optional.
Keystone domain.
String value expected.
Can be updated without replacement.
Value must be of type keystone.domain
project
Optional.
Keystone project.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project
role
Required.
Keystone role.
String value expected.
Can be updated without replacement.
Value must be of type keystone.role

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::GroupRoleAssignment
    properties:
      group: String
      roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]

OS::Keystone::Project

Available since 2015.1 (Kilo) - Supported versions: keystone v3

Heat Template Resource for Keystone Project.

Projects represent the base unit of ownership in OpenStack, in that all resources in OpenStack should be owned by a specific project. A project itself must be owned by a specific domain, and hence all project names are not globally unique, but unique to their domain. If the domain for a project is not specified, then it is added to the default domain.

Optional Properties

description
Description of keystone project.
String value expected.
Can be updated without replacement.
Defaults to ""
domain
Name or id of keystone domain.
String value expected.
Can be updated without replacement.
Defaults to "default"
Value must be of type keystone.domain
enabled
This project is enabled or disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
name
Name of keystone project.
String value expected.
Can be updated without replacement.
parent

Available since 6.0.0 (Mitaka)

The name or ID of parent of this keystone project in hierarchy.
String value expected.
Updates cause replacement.
Value must be of type keystone.project
tags

Available since 10.0.0 (Queens)

A list of tags for labeling and sorting projects.
List value expected.
Can be updated without replacement.
Defaults to []

Attributes

domain_id

Available since 10.0.0 (Queens)

Domain id for project.

enabled

Available since 10.0.0 (Queens)

Flag of enable project.

is_domain

Available since 10.0.0 (Queens)

Indicates whether the project also acts as a domain.

name

Available since 10.0.0 (Queens)

Project name.

parent_id

Available since 10.0.0 (Queens)

Parent project id.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Project
    properties:
      description: String
      domain: String
      enabled: Boolean
      name: String
      parent: String
      tags: [Value, Value, ...]

OS::Keystone::Region

Available since 6.0.0 (Mitaka) - Supported versions: keystone v3

Heat Template Resource for Keystone Region.

This plug-in helps to create, update and delete a keystone region. Also it can be used for enable or disable a given keystone region.

Optional Properties

description
Description of keystone region.
String value expected.
Can be updated without replacement.
enabled
This region is enabled or disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
id
The user-defined region ID and should unique to the OpenStack deployment. While creating the region, heat will url encode this ID.
String value expected.
Updates cause replacement.
parent_region
If the region is hierarchically a child of another region, set this parameter to the ID of the parent region.
String value expected.
Can be updated without replacement.
Value must be of type keystone.region

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Region
    properties:
      description: String
      enabled: Boolean
      id: String
      parent_region: String

OS::Keystone::Role

Available since 2015.1 (Kilo) - Supported versions: keystone v3

Heat Template Resource for Keystone Role.

Roles dictate the level of authorization the end user can obtain. Roles can be granted at either the domain or project level. Role can be assigned to the individual user or at the group level. Role name is unique within the owning domain.

Optional Properties

domain

Available since 16.0.0

Name or id of keystone domain.
String value expected.
Updates cause replacement.
Value must be of type keystone.domain
name
Name of keystone role.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Role
    properties:
      domain: String
      name: String

OS::Keystone::Service

Available since 5.0.0 (Liberty) - Supported versions: keystone v3

Heat Template Resource for Keystone Service.

A resource that allows to create new service and manage it by Keystone.

Required Properties

type
Type of keystone Service.
String value expected.
Can be updated without replacement.

Optional Properties

description
Description of keystone service.
String value expected.
Can be updated without replacement.
enabled

Available since 6.0.0 (Mitaka)

This service is enabled or disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
name
Name of keystone service.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::Service
    properties:
      description: String
      enabled: Boolean
      name: String
      type: String

OS::Keystone::User

Available since 2015.1 (Kilo) - Supported versions: keystone v3

Heat Template Resource for Keystone User.

Users represent an individual API consumer. A user itself must be owned by a specific domain, and hence all user names are not globally unique, but only unique to their domain.

Optional Properties

default_project
Name or ID of default project of keystone user.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project
description
Description of keystone user.
String value expected.
Can be updated without replacement.
Defaults to ""
domain
Name or ID of keystone domain.
String value expected.
Can be updated without replacement.
Defaults to "default"
Value must be of type keystone.domain
email
Email address of keystone user.
String value expected.
Can be updated without replacement.
enabled
Keystone user is enabled or disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
groups
Keystone user groups.
List value expected.
Can be updated without replacement.
List contents:
Optional.
Keystone user group.
String value expected.
Can be updated without replacement.
Value must be of type keystone.group
name
Name of keystone user.
String value expected.
Can be updated without replacement.
password
Password of keystone user.
String value expected.
Can be updated without replacement.
roles
List of role assignments.
List value expected.
Can be updated without replacement.
List contents:
Map between role with either project or domain.
Map value expected.
Can be updated without replacement.
Map properties:
domain
Optional.
Keystone domain.
String value expected.
Can be updated without replacement.
Value must be of type keystone.domain
project
Optional.
Keystone project.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project
role
Required.
Keystone role.
String value expected.
Can be updated without replacement.
Value must be of type keystone.role

Attributes

default_project_id

Available since 9.0.0 (Pike)

Default project id for user.

domain_id

Available since 9.0.0 (Pike)

Domain id for user.

enabled

Available since 9.0.0 (Pike)

Flag of enable user.

name

Available since 9.0.0 (Pike)

User name.

password_expires_at

Available since 9.0.0 (Pike)

Show user password expiration time.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::User
    properties:
      default_project: String
      description: String
      domain: String
      email: String
      enabled: Boolean
      groups: [String, String, ...]
      name: String
      password: String
      roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]

OS::Keystone::UserRoleAssignment

Available since 5.0.0 (Liberty) - Supported versions: keystone v3

Resource for granting roles to a user.

Resource for specifying users and their’s roles.

Required Properties

user
Name or id of keystone user.
String value expected.
Can be updated without replacement.
Value must be of type keystone.user

Optional Properties

roles
List of role assignments.
List value expected.
Can be updated without replacement.
List contents:
Map between role with either project or domain.
Map value expected.
Can be updated without replacement.
Map properties:
domain
Optional.
Keystone domain.
String value expected.
Can be updated without replacement.
Value must be of type keystone.domain
project
Optional.
Keystone project.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project
role
Required.
Keystone role.
String value expected.
Can be updated without replacement.
Value must be of type keystone.role

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Keystone::UserRoleAssignment
    properties:
      roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]
      user: String

OS::Magnum::Cluster

Available since 9.0.0 (Pike)

A resource that creates a magnum cluster.

This resource creates a magnum cluster, which is a collection of node objects where work is scheduled.

Required Properties

cluster_template
The name or ID of the cluster template.
String value expected.
Updates cause replacement.
Value must be of type magnum.cluster_template

Optional Properties

create_timeout
Timeout for creating the cluster in minutes. Set to 0 for no timeout.
Integer value expected.
Can be updated without replacement.
Defaults to 60
The value must be at least 0.
discovery_url
Specifies a custom discovery url for node discovery.
String value expected.
Can be updated without replacement.
keypair
The name of the keypair. If not presented, use keypair in cluster template.
String value expected.
Updates cause replacement.
Value must be of type nova.keypair
master_count
The number of master nodes for this cluster.
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be at least 1.
name
The cluster name.
String value expected.
Updates cause replacement.
node_count
The node count for this cluster.
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be at least 1.

Attributes

api_address

The endpoint URL of COE API exposed to end-users.

cluster_template_id

The UUID of the cluster template.

coe_version

Version info of chosen COE in cluster for helping client in picking the right version of client.

container_version

Version info of constainer engine in the chosen COE in cluster for helping client in picking the right version of client.

create_timeout

The timeout for cluster creation in minutes.

discovery_url

The custom discovery url for node discovery.

keypair

The name of the keypair.

master_addresses

List of floating IP of all master nodes.

master_count

The number of servers that will serve as master for the cluster.

name

Name of the resource.

node_addresses

List of floating IP of all servers that serve as node.

node_count

The number of servers that will serve as node in the cluster.

show

Detailed information about resource.

stack_id

The reference UUID of orchestration stack for this COE cluster.

status

The status for this COE cluster.

status_reason

The reason of cluster current status.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Magnum::Cluster
    properties:
      cluster_template: String
      create_timeout: Integer
      discovery_url: String
      keypair: String
      master_count: Integer
      name: String
      node_count: Integer

OS::Magnum::ClusterTemplate

Available since 9.0.0 (Pike)

A resource for the ClusterTemplate in Magnum.

ClusterTemplate is an object that stores template information about the cluster which is used to create new clusters consistently.

Required Properties

coe
The Container Orchestration Engine for cluster.
String value expected.
Updates cause replacement.
Allowed values: “kubernetes”, “swarm”, “mesos”
external_network
The external neutron network name or UUID to attach the Cluster.
String value expected.
Updates cause replacement.
Value must be of type neutron.network
image
The image name or UUID to use as a base image for cluster.
String value expected.
Updates cause replacement.
Value must be of type glance.image

Optional Properties

dns_nameserver
The DNS nameserver address.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
docker_storage_driver
Select a docker storage driver.
String value expected.
Updates cause replacement.
Defaults to "devicemapper"
Allowed values: “devicemapper”, “overlay”
docker_volume_size
The size in GB of the docker volume.
Integer value expected.
Updates cause replacement.
The value must be at least 1.
fixed_network
The fixed neutron network name or UUID to attach the Cluster.
String value expected.
Updates cause replacement.
Value must be of type neutron.network
fixed_subnet
The fixed neutron subnet name or UUID to attach the Cluster.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet
flavor
The nova flavor name or UUID to use when launching the cluster.
String value expected.
Updates cause replacement.
Value must be of type nova.flavor
floating_ip_enabled
Indicates whether created clusters should have a floating ip or not.
Boolean value expected.
Updates cause replacement.
Defaults to true
http_proxy
The http_proxy address to use for nodes in cluster.
String value expected.
Updates cause replacement.
https_proxy
The https_proxy address to use for nodes in cluster.
String value expected.
Updates cause replacement.
keypair
The name of the SSH keypair to load into the cluster nodes.
String value expected.
Updates cause replacement.
Value must be of type nova.keypair
labels
Arbitrary labels in the form of key=value pairs to associate with cluster.
Map value expected.
Updates cause replacement.
master_flavor
The nova flavor name or UUID to use when launching the master node of the cluster.
String value expected.
Updates cause replacement.
Value must be of type nova.flavor
master_lb_enabled
Indicates whether created clusters should have a load balancer for master nodes or not.
Boolean value expected.
Updates cause replacement.
Defaults to true
name
The cluster template name.
String value expected.
Updates cause replacement.
network_driver
The name of the driver used for instantiating container networks. By default, Magnum will choose the pre-configured network driver based on COE type.
String value expected.
Updates cause replacement.
no_proxy
A comma separated list of addresses for which proxies should not be used in the cluster.
String value expected.
Updates cause replacement.
public
Make the cluster template public. To enable this option, you must own the right to publish in magnum. Which default set to admin only.
Boolean value expected.
Can be updated without replacement.
Defaults to false
registry_enabled
Enable the docker registry in the cluster.
Boolean value expected.
Updates cause replacement.
Defaults to false
server_type
Specify the server type to be used.
String value expected.
Updates cause replacement.
Defaults to "vm"
Allowed values: “vm”, “bm”
tls_disabled
Disable TLS in the cluster.
Boolean value expected.
Updates cause replacement.
Defaults to false
volume_driver
The volume driver name for instantiating container volume.
String value expected.
Updates cause replacement.
Allowed values: “cinder”, “rexray”

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Magnum::ClusterTemplate
    properties:
      coe: String
      dns_nameserver: String
      docker_storage_driver: String
      docker_volume_size: Integer
      external_network: String
      fixed_network: String
      fixed_subnet: String
      flavor: String
      floating_ip_enabled: Boolean
      http_proxy: String
      https_proxy: String
      image: String
      keypair: String
      labels: {...}
      master_flavor: String
      master_lb_enabled: Boolean
      name: String
      network_driver: String
      no_proxy: String
      public: Boolean
      registry_enabled: Boolean
      server_type: String
      tls_disabled: Boolean
      volume_driver: String

OS::Manila::SecurityService

Available since 5.0.0 (Liberty)

A resource that implements security service of Manila.

A security_service is a set of options that defines a security domain for a particular shared filesystem protocol, such as an Active Directory domain or a Kerberos domain.

Required Properties

type
Security service type.
String value expected.
Updates cause replacement.
Allowed values: “ldap”, “kerberos”, “active_directory”

Optional Properties

description
Security service description.
String value expected.
Can be updated without replacement.
dns_ip
DNS IP address used inside tenant’s network.
String value expected.
Can be updated without replacement.
domain
Security service domain.
String value expected.
Can be updated without replacement.
name
Security service name.
String value expected.
Can be updated without replacement.
password
Password used by user.
String value expected.
Can be updated without replacement.
server
Security service IP address or hostname.
String value expected.
Can be updated without replacement.
user
Security service user or group used by tenant.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Manila::SecurityService
    properties:
      description: String
      dns_ip: String
      domain: String
      name: String
      password: String
      server: String
      type: String
      user: String

OS::Manila::Share

Available since 5.0.0 (Liberty)

A resource that creates shared mountable file system.

The resource creates a manila share - shared mountable filesystem that can be attached to any client(or clients) that has a network access and permission to mount filesystem. Share is a unit of storage with specific size that supports pre-defined share protocol and advanced security model (access lists, share networks and security services).

Required Properties

share_protocol
Share protocol supported by shared filesystem.
String value expected.
Updates cause replacement.
Allowed values: “NFS”, “CIFS”, “GlusterFS”, “HDFS”, “CEPHFS”
size
Share storage size in GB.
Integer value expected.
Updates cause replacement.

Optional Properties

access_rules
A list of access rules that define access from IP to Share.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
access_level
Optional.
Level of access that need to be provided for guest.
String value expected.
Can be updated without replacement.
Allowed values: “ro”, “rw”
access_to
Required.
IP or other address information about guest that allowed to access to Share.
String value expected.
Can be updated without replacement.
access_type
Required.
Type of access that should be provided to guest.
String value expected.
Can be updated without replacement.
Allowed values: “ip”, “user”, “cert”, “cephx”
description
Share description.
String value expected.
Can be updated without replacement.
is_public
Defines if shared filesystem is public or private.
Boolean value expected.
Can be updated without replacement.
Defaults to false
metadata
Metadata key-values defined for share.
Map value expected.
Can be updated without replacement.
name
Share name.
String value expected.
Can be updated without replacement.
share_network
Name or ID of shared network defined for shared filesystem.
String value expected.
Updates cause replacement.
Value must be of type manila.share_network
share_type
Name or ID of shared filesystem type. Types defines some share filesystem profiles that will be used for share creation.
String value expected.
Updates cause replacement.
Value must be of type manila.share_type
snapshot
Name or ID of shared file system snapshot that will be restored and created as a new share.
String value expected.
Updates cause replacement.
Value must be of type manila.share_snapshot

Attributes

availability_zone

The availability zone of shared filesystem.

created_at

Datetime when a share was created.

export_locations

Export locations of share.

host

Share host.

project_id

Share project ID.

share_server_id

ID of server (VM, etc…) on host that is used for exporting network file-system.

show

Detailed information about resource.

status

Current share status.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Manila::Share
    properties:
      access_rules: [{"access_to": String, "access_type": String, "access_level": String}, {"access_to": String, "access_type": String, "access_level": String}, ...]
      description: String
      is_public: Boolean
      metadata: {...}
      name: String
      share_network: String
      share_protocol: String
      share_type: String
      size: Integer
      snapshot: String

OS::Manila::ShareNetwork

Available since 5.0.0 (Liberty)

A resource that stores network information for share servers.

Stores network information that will be used by share servers, where shares are hosted.

Optional Properties

description
Share network description.
String value expected.
Can be updated without replacement.
name
Name of the share network.
String value expected.
Can be updated without replacement.
neutron_network
Neutron network id.
String value expected.
Can be updated without replacement.
Value must be of type neutron.network
neutron_subnet
Neutron subnet id.
String value expected.
Can be updated without replacement.
Value must be of type neutron.subnet
nova_network
Nova network id.
String value expected.
Can be updated without replacement.
security_services
A list of security services IDs or names.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.

Attributes

cidr

CIDR of subnet.

ip_version

Version of IP address.

network_type

The physical mechanism by which the virtual network is implemented.

segmentation_id

VLAN ID for VLAN networks or tunnel-id for GRE/VXLAN networks.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Manila::ShareNetwork
    properties:
      description: String
      name: String
      neutron_network: String
      neutron_subnet: String
      nova_network: String
      security_services: [String, String, ...]

OS::Manila::ShareType

Available since 5.0.0 (Liberty)

A resource for creating manila share type.

A share_type is an administrator-defined “type of service”, comprised of a tenant visible description, and a list of non-tenant-visible key/value pairs (extra_specs) which the Manila scheduler uses to make scheduling decisions for shared filesystem tasks.

Please note that share type is intended to use mostly by administrators. So it is very likely that Manila will prohibit creation of the resource without administration grants.

Required Properties

driver_handles_share_servers
Required extra specification. Defines if share drivers handles share servers.
Boolean value expected.
Updates cause replacement.
name
Name of the share type.
String value expected.
Updates cause replacement.

Optional Properties

extra_specs
Extra specs key-value pairs defined for share type.
Map value expected.
Can be updated without replacement.
is_public
Defines if share type is accessible to the public.
Boolean value expected.
Updates cause replacement.
Defaults to true
snapshot_support

Available since 6.0.0 (Mitaka)

Boolean extra spec that used for filtering of backends by their capability to create share snapshots.
Boolean value expected.
Updates cause replacement.
Defaults to true

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Manila::ShareType
    properties:
      driver_handles_share_servers: Boolean
      extra_specs: {...}
      is_public: Boolean
      name: String
      snapshot_support: Boolean

OS::Mistral::CronTrigger

Available since 5.0.0 (Liberty)

A resource implements Mistral cron trigger.

Cron trigger is an object allowing to run workflow on a schedule. User specifies what workflow with what input needs to be run and also specifies how often it should be run. Pattern property is used to describe the frequency of workflow execution.

Required Properties

workflow
Workflow to execute.
Map value expected.
Updates cause replacement.
Map properties:
input
Input values for the workflow.
Map value expected.
Updates cause replacement.
name
Required.
Name or ID of the workflow.
String value expected.
Updates cause replacement.
Value must be of type mistral.workflow

Optional Properties

count
Remaining executions.
Integer value expected.
Updates cause replacement.
first_time
Time of the first execution in format “YYYY-MM-DD HH:MM”.
String value expected.
Updates cause replacement.
name
Name of the cron trigger.
String value expected.
Updates cause replacement.
pattern
Cron expression.
String value expected.
Updates cause replacement.
Value must be of type cron_expression

Attributes

next_execution_time

Time of the next execution in format “YYYY-MM-DD HH:MM:SS”.

remaining_executions

Number of remaining executions.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Mistral::CronTrigger
    properties:
      count: Integer
      first_time: String
      name: String
      pattern: String
      workflow: {"name": String, "input": {...}}

OS::Mistral::ExternalResource

Available since 9.0.0 (Pike)

A plugin for managing user-defined resources via Mistral workflows.

This resource allows users to manage resources that are not known to Heat. The user may specify a Mistral workflow to handle each resource action, such as CREATE, UPDATE, or DELETE.

The workflows may return an output named ‘resource_id’, which will be treated as the physical ID of the resource by Heat.

Once the resource is created, subsequent workflow runs will receive the output of the last workflow execution in the ‘heat_extresource_data’ key in the workflow environment (accessible as env().heat_extresource_data in the workflow).

The template author may specify a subset of inputs as causing replacement of the resource when they change, as an alternative to running the UPDATE workflow.

Required Properties

actions
Resource action which triggers a workflow execution.
Map value expected.
Updates cause replacement.
Map properties:
CREATE
Dictionary which defines the workflow to run and its params.
Map value expected.
Updates cause replacement.
Map properties:
params
Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.
Map value expected.
Updates cause replacement.
Defaults to {}
workflow
Required.
Workflow to execute.
String value expected.
Updates cause replacement.
Value must be of type mistral.workflow
DELETE
Dictionary which defines the workflow to run and its params.
Map value expected.
Updates cause replacement.
Map properties:
params
Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.
Map value expected.
Updates cause replacement.
Defaults to {}
workflow
Required.
Workflow to execute.
String value expected.
Updates cause replacement.
Value must be of type mistral.workflow
RESUME
Dictionary which defines the workflow to run and its params.
Map value expected.
Updates cause replacement.
Map properties:
params
Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.
Map value expected.
Updates cause replacement.
Defaults to {}
workflow
Required.
Workflow to execute.
String value expected.
Updates cause replacement.
Value must be of type mistral.workflow
SUSPEND
Dictionary which defines the workflow to run and its params.
Map value expected.
Updates cause replacement.
Map properties:
params
Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.
Map value expected.
Updates cause replacement.
Defaults to {}
workflow
Required.
Workflow to execute.
String value expected.
Updates cause replacement.
Value must be of type mistral.workflow
UPDATE
Dictionary which defines the workflow to run and its params.
Map value expected.
Updates cause replacement.
Map properties:
params
Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.
Map value expected.
Updates cause replacement.
Defaults to {}
workflow
Required.
Workflow to execute.
String value expected.
Updates cause replacement.
Value must be of type mistral.workflow

Optional Properties

always_update
Triggers UPDATE action execution even if input is unchanged.
Boolean value expected.
Updates cause replacement.
Defaults to false
description
Workflow execution description.
String value expected.
Updates cause replacement.
Defaults to "Heat managed"
input
Dictionary which contains input for the workflows.
Map value expected.
Can be updated without replacement.
Defaults to {}
replace_on_change_inputs
A list of inputs that should cause the resource to be replaced when their values change.
List value expected.
Updates cause replacement.
Defaults to []

Attributes

output

Output from the execution.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Mistral::ExternalResource
    properties:
      actions: {"CREATE": {"workflow": String, "params": {...}}, "UPDATE": {"workflow": String, "params": {...}}, "SUSPEND": {"workflow": String, "params": {...}}, "RESUME": {"workflow": String, "params": {...}}, "DELETE": {"workflow": String, "params": {...}}}
      always_update: Boolean
      description: String
      input: {...}
      replace_on_change_inputs: [Value, Value, ...]

OS::Mistral::Workflow

Available since 2015.1 (Kilo)

A resource that implements Mistral workflow.

Workflow represents a process that can be described in a various number of ways and that can do some job interesting to the end user. Each workflow consists of tasks (at least one) describing what exact steps should be made during workflow execution.

For detailed description how to use Workflow, read Mistral documentation.

Required Properties

tasks
Dictionary containing workflow tasks.
List value expected.
Can be updated without replacement.
The length must be at least 1.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
action
Optional.
Name of the action associated with the task. Either action or workflow may be defined in the task.
String value expected.
Can be updated without replacement.
concurrency

Available since 8.0.0 (Ocata)

Optional.
Defines a max number of actions running simultaneously in a task. Applicable only for tasks that have with-items.
Integer value expected.
Can be updated without replacement.
description
Optional.
Task description.
String value expected.
Can be updated without replacement.
input
Actual input parameter values of the task.
Map value expected.
Can be updated without replacement.
join

Available since 6.0.0 (Mitaka)

Optional.
Allows to synchronize multiple parallel workflow branches and aggregate their data. Valid inputs: all - the task will run only if all upstream tasks are completed. Any numeric value - then the task will run once at least this number of upstream tasks are completed and corresponding conditions have triggered.
String value expected.
Can be updated without replacement.
keep_result

Available since 5.0.0 (Liberty)

Optional.
Allowing not to store action results after task completion.
Boolean value expected.
Can be updated without replacement.
name
Required.
Task name.
String value expected.
Can be updated without replacement.
on_complete
List of tasks which will run after the task has completed regardless of whether it is successful or not.
List value expected.
Can be updated without replacement.
on_error
List of tasks which will run after the task has completed with an error.
List value expected.
Can be updated without replacement.
on_success
List of tasks which will run after the task has completed successfully.
List value expected.
Can be updated without replacement.
pause_before

Available since 5.0.0 (Liberty)

Optional.
Defines whether Mistral Engine should put the workflow on hold or not before starting a task.
Boolean value expected.
Can be updated without replacement.
publish
Dictionary of variables to publish to the workflow context.
Map value expected.
Can be updated without replacement.
requires
List of tasks which should be executed before this task. Used only in reverse workflows.
List value expected.
Can be updated without replacement.
retry

Available since 5.0.0 (Liberty)

Defines a pattern how task should be repeated in case of an error.
Map value expected.
Can be updated without replacement.
target

Available since 5.0.0 (Liberty)

Optional.
It defines an executor to which task action should be sent to.
String value expected.
Can be updated without replacement.
timeout

Available since 5.0.0 (Liberty)

Optional.
Defines a period of time in seconds after which a task will be failed automatically by engine if hasn’t completed.
Integer value expected.
Can be updated without replacement.
wait_after

Available since 5.0.0 (Liberty)

Optional.
Defines a delay in seconds that Mistral Engine should wait after a task has completed before starting next tasks defined in on-success, on-error or on-complete.
Integer value expected.
Can be updated without replacement.
wait_before

Available since 5.0.0 (Liberty)

Optional.
Defines a delay in seconds that Mistral Engine should wait before starting a task.
Integer value expected.
Can be updated without replacement.
with_items

Available since 5.0.0 (Liberty)

Optional.
If configured, it allows to run action or workflow associated with a task multiple times on a provided list of items.
String value expected.
Can be updated without replacement.
workflow
Optional.
Name of the workflow associated with the task. Can be defined by intrinsic function get_resource or by name of the referenced workflow, i.e. { workflow: wf_name } or { workflow: { get_resource: wf_name }}. Either action or workflow may be defined in the task.
String value expected.
Can be updated without replacement.
Value must be of type mistral.workflow
type
Workflow type.
String value expected.
Can be updated without replacement.
Allowed values: “direct”, “reverse”

Optional Properties

description
Workflow description.
String value expected.
Can be updated without replacement.
input
Dictionary which contains input for workflow.
Map value expected.
Can be updated without replacement.
name
Workflow name.
String value expected.
Updates cause replacement.
output
Any data structure arbitrarily containing YAQL expressions that defines workflow output. May be nested.
Map value expected.
Can be updated without replacement.
params
Workflow additional parameters. If Workflow is reverse typed, params requires ‘task_name’, which defines initial task.
Map value expected.
Can be updated without replacement.
tags

Available since 10.0.0 (Queens)

List of tags to set on the workflow.
List value expected.
Can be updated without replacement.
task_defaults

Available since 5.0.0 (Liberty)

Default settings for some of task attributes defined at workflow level.
Map value expected.
Can be updated without replacement.
Map properties:
concurrency

Available since 8.0.0 (Ocata)

Optional.
Defines a max number of actions running simultaneously in a task. Applicable only for tasks that have with-items.
Integer value expected.
Can be updated without replacement.
on_complete
List of tasks which will run after the task has completed regardless of whether it is successful or not.
List value expected.
Can be updated without replacement.
on_error
List of tasks which will run after the task has completed with an error.
List value expected.
Can be updated without replacement.
on_success
List of tasks which will run after the task has completed successfully.
List value expected.
Can be updated without replacement.
pause_before
Optional.
Defines whether Mistral Engine should put the workflow on hold or not before starting a task.
Boolean value expected.
Can be updated without replacement.
requires
List of tasks which should be executed before this task. Used only in reverse workflows.
List value expected.
Can be updated without replacement.
retry
Defines a pattern how task should be repeated in case of an error.
Map value expected.
Can be updated without replacement.
timeout
Optional.
Defines a period of time in seconds after which a task will be failed automatically by engine if hasn’t completed.
Integer value expected.
Can be updated without replacement.
wait_after
Optional.
Defines a delay in seconds that Mistral Engine should wait after a task has completed before starting next tasks defined in on-success, on-error or on-complete.
Integer value expected.
Can be updated without replacement.
wait_before
Optional.
Defines a delay in seconds that Mistral Engine should wait before starting a task.
Integer value expected.
Can be updated without replacement.
use_request_body_as_input

Available since 6.0.0 (Mitaka)

Defines the method in which the request body for signaling a workflow would be parsed. In case this property is set to True, the body would be parsed as a simple json where each key is a workflow input, in other cases body would be parsed expecting a specific json format with two keys: “input” and “params”.
Boolean value expected.
Can be updated without replacement.

Attributes

alarm_url

A signed url to create executions for workflows specified in Workflow resource.

data

A dictionary which contains name and input of the workflow.

executions

List of workflows’ executions, each of them is a dictionary with information about execution. Each dictionary returns values for next keys: id, workflow_name, created_at, updated_at, state for current execution state, input, output.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Mistral::Workflow
    properties:
      description: String
      input: {...}
      name: String
      output: {...}
      params: {...}
      tags: [Value, Value, ...]
      task_defaults: {"on_success": [Value, Value, ...], "on_error": [Value, Value, ...], "on_complete": [Value, Value, ...], "requires": [Value, Value, ...], "retry": {...}, "wait_before": Integer, "wait_after": Integer, "pause_before": Boolean, "timeout": Integer, "concurrency": Integer}
      tasks: [{"name": String, "description": String, "input": {...}, "action": String, "workflow": String, "publish": {...}, "on_success": [Value, Value, ...], "on_error": [Value, Value, ...], "on_complete": [Value, Value, ...], "policies": {...}, "requires": [Value, Value, ...], "retry": {...}, "wait_before": Integer, "wait_after": Integer, "pause_before": Boolean, "timeout": Integer, "with_items": String, "keep_result": Boolean, "concurrency": Integer, "target": String, "join": String}, {"name": String, "description": String, "input": {...}, "action": String, "workflow": String, "publish": {...}, "on_success": [Value, Value, ...], "on_error": [Value, Value, ...], "on_complete": [Value, Value, ...], "policies": {...}, "requires": [Value, Value, ...], "retry": {...}, "wait_before": Integer, "wait_after": Integer, "pause_before": Boolean, "timeout": Integer, "with_items": String, "keep_result": Boolean, "concurrency": Integer, "target": String, "join": String}, ...]
      type: String
      use_request_body_as_input: Boolean

OS::Monasca::AlarmDefinition

Available since 7.0.0 (Newton)

UNSUPPORTED since 5.0.0 (Liberty)

Heat Template Resource for Monasca Alarm definition.

Monasca Alarm definition helps to define the required expression for a given alarm situation. This plugin helps to create, update and delete the alarm definition.

Alarm definitions is necessary to describe and manage alarms in a one-to-many relationship in order to avoid having to manually declare each alarm even though they may share many common attributes and differ in only one, such as hostname.

Required Properties

expression
Expression of the alarm to evaluate.
String value expected.
Updates cause replacement.

Optional Properties

actions_enabled
Whether to enable the actions or not.
Boolean value expected.
Can be updated without replacement.
Defaults to true
alarm_actions
The notification methods to use when an alarm state is ALARM.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
Monasca notification.
String value expected.
Can be updated without replacement.
Value must be of type monasca.notification
description
Description of the alarm.
String value expected.
Can be updated without replacement.
match_by
The metric dimensions to match to the alarm dimensions. One or more dimension key names separated by a comma.
List value expected.
Updates cause replacement.
Defaults to []
name
Name of the alarm. By default, physical resource name is used.
String value expected.
Can be updated without replacement.
ok_actions
The notification methods to use when an alarm state is OK.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
Monasca notification.
String value expected.
Can be updated without replacement.
Value must be of type monasca.notification
severity
Severity of the alarm.
String value expected.
Can be updated without replacement.
Defaults to "low"
Allowed values: “low”, “medium”, “high”, “critical”
undetermined_actions
The notification methods to use when an alarm state is UNDETERMINED.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
Monasca notification.
String value expected.
Can be updated without replacement.
Value must be of type monasca.notification

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Monasca::AlarmDefinition
    properties:
      actions_enabled: Boolean
      alarm_actions: [String, String, ...]
      description: String
      expression: String
      match_by: [Value, Value, ...]
      name: String
      ok_actions: [String, String, ...]
      severity: String
      undetermined_actions: [String, String, ...]

OS::Monasca::Notification

Available since 7.0.0 (Newton)

UNSUPPORTED since 5.0.0 (Liberty)

Heat Template Resource for Monasca Notification.

A resource which is used to notificate if there is some alarm. Monasca Notification helps to declare the hook points, which will be invoked once alarm is generated. This plugin helps to create, update and delete the notification.

Required Properties

address
Address of the notification. It could be a valid email address, url or service key based on notification type.
String value expected.
Can be updated without replacement.
The length must be no greater than 512.
type
Type of the notification.
String value expected.
Can be updated without replacement.
Allowed values: “email”, “webhook”, “pagerduty”

Optional Properties

name
Name of the notification. By default, physical resource name is used.
String value expected.
Can be updated without replacement.
period

Available since 7.0.0 (Newton)

Interval in seconds to invoke webhooks if the alarm state does not transition away from the defined trigger state. A value of 0 will disable continuous notifications. This property is only applicable for the webhook notification type and has default period interval of 60 seconds.
Integer value expected.
Can be updated without replacement.
Allowed values: 0, 60

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Monasca::Notification
    properties:
      address: String
      name: String
      period: Integer
      type: String

OS::Neutron::AddressScope

Available since 6.0.0 (Mitaka)

A resource for Neutron address scope.

This resource can be associated with multiple subnet pools in a one-to-many relationship. The subnet pools under an address scope must not overlap.

Optional Properties

ip_version
Address family of the address scope, which is 4 or 6.
Integer value expected.
Updates cause replacement.
Defaults to 4
Allowed values: 4, 6
name
The name for the address scope.
String value expected.
Can be updated without replacement.
shared
Whether the address scope should be shared to other tenants. Note that the default policy setting restricts usage of this attribute to administrative users only, and restricts changing of shared address scope to unshared with update.
Boolean value expected.
Can be updated without replacement.
Defaults to false
tenant_id
The owner tenant ID of the address scope. Only administrative users can specify a tenant ID other than their own.
String value expected.
Updates cause replacement.
Value must be of type keystone.project

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::AddressScope
    properties:
      ip_version: Integer
      name: String
      shared: Boolean
      tenant_id: String

OS::Neutron::ExtraRouteSet

Available since 14.0.0 (Ussuri)

Resource for specifying extra routes for a Neutron router.

Requires Neutron extraroute-atomic extension to be enabled:

$ openstack extension show extraroute-atomic

An extra route is a static routing table entry that is added beyond the routes managed implicitly by router interfaces and router gateways.

The destination of an extra route is any IP network in /CIDR notation. The nexthop of an extra route is an IP in a subnet that is directly connected to the router.

In a single OS::Neutron::ExtraRouteSet resource you can specify a set of extra routes (represented as a list) on the same virtual router. As an improvement over the (never formally supported) OS::Neutron::ExtraRoute resource this resource plugin uses a Neutron API extension (extraroute-atomic) that is not prone to race conditions when used to manage multiple extra routes of the same router. It is safe to manage multiple extra routes of the same router from multiple stacks.

On the other hand use of the same route on the same router is not safe from multiple stacks (or between Heat and non-Heat managed Neutron extra routes).

Required Properties

router
The router id.
String value expected.
Updates cause replacement.
Value must be of type neutron.router

Optional Properties

routes
A set of route dictionaries for the router.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
destination
Required.
The destination network in CIDR notation.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr
nexthop
Required.
The next hop for the destination.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::ExtraRouteSet
    properties:
      router: String
      routes: [{"destination": String, "nexthop": String}, {"destination": String, "nexthop": String}, ...]

OS::Neutron::Firewall

A resource for the Firewall resource in Neutron FWaaS.

Resource for using the Neutron firewall implementation. Firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.

Required Properties

firewall_policy_id
The ID of the firewall policy that this firewall is associated with.
String value expected.
Can be updated without replacement.

Optional Properties

admin_state_up
Administrative state of the firewall. If false (down), firewall does not forward packets and will drop all traffic to/from VMs behind the firewall.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description for the firewall.
String value expected.
Can be updated without replacement.
name
Name for the firewall.
String value expected.
Can be updated without replacement.
value_specs

Available since 5.0.0 (Liberty)

Extra parameters to include in the request. Parameters are often specific to installed hardware or extensions.
Map value expected.
Can be updated without replacement.
Defaults to {}
shared

UNSUPPORTED since 6.0.0 (Mitaka) - There is no such option during 5.0.0, so need to make this property unsupported while it not used.

Available since 2015.1 (Kilo)

Whether this firewall should be shared across all tenants. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.
Boolean value expected.
Can be updated without replacement.

Attributes

admin_state_up

The administrative state of the firewall.

description

Description of the firewall.

firewall_policy_id

Unique identifier of the firewall policy used to create the firewall.

name

Name for the firewall.

shared

UNSUPPORTED since 6.0.0 (Mitaka) - There is no such option during 5.0.0, so need to make this attribute unsupported, otherwise error will raised.

Shared status of this firewall.

show

Detailed information about resource.

status

The status of the firewall.

tenant_id

Id of the tenant owning the firewall.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Firewall
    properties:
      admin_state_up: Boolean
      description: String
      firewall_policy_id: String
      name: String
      value_specs: {...}

OS::Neutron::FirewallPolicy

A resource for the FirewallPolicy resource in Neutron FWaaS.

FirewallPolicy resource is an ordered collection of firewall rules. A firewall policy can be shared across tenants.

Optional Properties

audited
Whether this policy should be audited. When set to True, each time the firewall policy or the associated firewall rules are changed, this attribute will be set to False and will have to be explicitly set to True through an update operation.
Boolean value expected.
Can be updated without replacement.
Defaults to false
description
Description for the firewall policy.
String value expected.
Can be updated without replacement.
firewall_rules
An ordered list of firewall rules to apply to the firewall. (Prior to version 14.0.0 this was a required property).
List value expected.
Can be updated without replacement.
name
Name for the firewall policy.
String value expected.
Can be updated without replacement.
shared
Whether this policy should be shared across all tenants.
Boolean value expected.
Can be updated without replacement.
Defaults to false

Attributes

audited

Audit status of this firewall policy.

description

Description of the firewall policy.

firewall_rules

List of firewall rules in this firewall policy.

name

Name for the firewall policy.

shared

Shared status of this firewall policy.

show

Detailed information about resource.

tenant_id

Id of the tenant owning the firewall policy.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::FirewallPolicy
    properties:
      audited: Boolean
      description: String
      firewall_rules: [Value, Value, ...]
      name: String
      shared: Boolean

OS::Neutron::FirewallRule

A resource for the FirewallRule resource in Neutron FWaaS.

FirewallRule represents a collection of attributes like ports, ip addresses etc. which define match criteria and action (allow, or deny) that needs to be taken on the matched data traffic.

Optional Properties

action
Action to be performed on the traffic matching the rule.
String value expected.
Can be updated without replacement.
Defaults to "deny"
Allowed values: “allow”, “deny”
description
Description for the firewall rule.
String value expected.
Can be updated without replacement.
destination_ip_address
Destination IP address or CIDR.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr
destination_port
Destination port number or a range.
String value expected.
Can be updated without replacement.
enabled
Whether this rule should be enabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
ip_version
Internet protocol version.
String value expected.
Can be updated without replacement.
Defaults to "4"
Allowed values: “4”, “6”
name
Name for the firewall rule.
String value expected.
Can be updated without replacement.
protocol
Protocol for the firewall rule.
String value expected.
Can be updated without replacement.
Defaults to "any"
Allowed values: “tcp”, “udp”, “icmp”, “any”
shared
Whether this rule should be shared across all tenants.
Boolean value expected.
Can be updated without replacement.
Defaults to false
source_ip_address
Source IP address or CIDR.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr
source_port
Source port number or a range.
String value expected.
Can be updated without replacement.

Attributes

action

Allow or deny action for this firewall rule.

description

Description of the firewall rule.

destination_ip_address

Destination ip_address for this firewall rule.

destination_port

Destination port range for this firewall rule.

enabled

Indicates whether this firewall rule is enabled or not.

firewall_policy_id

Unique identifier of the firewall policy to which this firewall rule belongs.

ip_version

Ip_version for this firewall rule.

name

Name for the firewall rule.

position

Position of the rule within the firewall policy.

protocol

Protocol value for this firewall rule.

shared

Shared status of this firewall rule.

show

Detailed information about resource.

source_ip_address

Source ip_address for this firewall rule.

source_port

Source port range for this firewall rule.

tenant_id

Id of the tenant owning the firewall.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::FirewallRule
    properties:
      action: String
      description: String
      destination_ip_address: String
      destination_port: String
      enabled: Boolean
      ip_version: String
      name: String
      protocol: String
      shared: Boolean
      source_ip_address: String
      source_port: String

OS::Neutron::FloatingIP

A resource for managing Neutron floating ips.

Floating IP addresses can change their association between routers by action of the user. One of the most common use cases for floating IPs is to provide public IP addresses to a private cloud, where there are a limited number of IP addresses available. Another is for a public cloud user to have a “static” IP address that can be reassigned when an instance is upgraded or moved.

Required Properties

floating_network

Available since 2014.2 (Juno)

Network to allocate floating IP from.
String value expected.
Updates cause replacement.
Value must be of type neutron.network

Optional Properties

dns_domain

Available since 7.0.0 (Newton)

DNS domain associated with floating ip.
String value expected.
Can be updated without replacement.
Value must be of type dns_domain
dns_name

Available since 7.0.0 (Newton)

DNS name associated with floating ip.
String value expected.
Can be updated without replacement.
Value must be of type rel_dns_name
fixed_ip_address
IP address to use if the port has multiple addresses.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
floating_ip_address

Available since 5.0.0 (Liberty)

IP address of the floating IP. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
floating_subnet

Available since 9.0.0 (Pike)

Subnet to allocate floating IP from.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet
port_id
ID of an existing port with at least one IP address to associate with this floating IP.
String value expected.
Can be updated without replacement.
Value must be of type neutron.port
value_specs
Extra parameters to include in the “floatingip” object in the creation request. Parameters are often specific to installed hardware or extensions.
Map value expected.
Updates cause replacement.
Defaults to {}

Attributes

fixed_ip_address

IP address of the associated port, if specified.

floating_ip_address

The allocated address of this IP.

floating_network_id

ID of the network in which this IP is allocated.

port_id

ID of the port associated with this IP.

router_id

ID of the router used as gateway, set when associated with a port.

show

Detailed information about resource.

tenant_id

The tenant owning this floating IP.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::FloatingIP
    properties:
      dns_domain: String
      dns_name: String
      fixed_ip_address: String
      floating_ip_address: String
      floating_network: String
      floating_subnet: String
      port_id: String
      value_specs: {...}

OS::Neutron::FloatingIPAssociation

A resource for associating floating ips and ports.

This resource allows associating a floating IP to a port with at least one IP address to associate with this floating IP.

Required Properties

floatingip_id
ID of the floating IP to associate.
String value expected.
Can be updated without replacement.
port_id
ID of an existing port with at least one IP address to associate with this floating IP.
String value expected.
Can be updated without replacement.
Value must be of type neutron.port

Optional Properties

fixed_ip_address
IP address to use if the port has multiple addresses.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::FloatingIPAssociation
    properties:
      fixed_ip_address: String
      floatingip_id: String
      port_id: String

OS::Neutron::IKEPolicy

A resource for IKE policy in Neutron.

The Internet Key Exchange policy identifies the authentication and encryption algorithm used during phase one and phase two negotiation of a VPN connection.

Optional Properties

auth_algorithm
Authentication hash algorithm for the ike policy.
String value expected.
Can be updated without replacement.
Defaults to "sha1"
Allowed values: “sha1”, “sha256”, “sha384”, “sha512”
description
Description for the ike policy.
String value expected.
Can be updated without replacement.
encryption_algorithm
Encryption algorithm for the ike policy.
String value expected.
Can be updated without replacement.
Defaults to "aes-128"
Allowed values: “3des”, “aes-128”, “aes-192”, “aes-256”
ike_version
Version for the ike policy.
String value expected.
Can be updated without replacement.
Defaults to "v1"
Allowed values: “v1”, “v2”
lifetime
Safety assessment lifetime configuration for the ike policy.
Map value expected.
Can be updated without replacement.
Map properties:
units
Optional.
Safety assessment lifetime units.
String value expected.
Can be updated without replacement.
Defaults to "seconds"
Allowed values: “seconds”, “kilobytes”
value
Optional.
Safety assessment lifetime value in specified units.
Integer value expected.
Can be updated without replacement.
Defaults to 3600
name
Name for the ike policy.
String value expected.
Can be updated without replacement.
pfs
Perfect forward secrecy in lowercase for the ike policy.
String value expected.
Can be updated without replacement.
Defaults to "group5"
Allowed values: “group2”, “group5”, “group14”
phase1_negotiation_mode
Negotiation mode for the ike policy.
String value expected.
Updates cause replacement.
Defaults to "main"
Allowed values: “main”

Attributes

auth_algorithm

The authentication hash algorithm used by the ike policy.

description

The description of the ike policy.

encryption_algorithm

The encryption algorithm used by the ike policy.

ike_version

The version of the ike policy.

lifetime

The safety assessment lifetime configuration for the ike policy.

name

The name of the ike policy.

pfs

The perfect forward secrecy of the ike policy.

phase1_negotiation_mode

The negotiation mode of the ike policy.

show

Detailed information about resource.

tenant_id

The unique identifier of the tenant owning the ike policy.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::IKEPolicy
    properties:
      auth_algorithm: String
      description: String
      encryption_algorithm: String
      ike_version: String
      lifetime: {"units": String, "value": Integer}
      name: String
      pfs: String
      phase1_negotiation_mode: String

OS::Neutron::IPsecPolicy

A resource for IPsec policy in Neutron.

The IP security policy specifying the authentication and encryption algorithm, and encapsulation mode used for the established VPN connection.

Optional Properties

auth_algorithm
Authentication hash algorithm for the ipsec policy.
String value expected.
Updates cause replacement.
Defaults to "sha1"
Allowed values: “sha1”
description
Description for the ipsec policy.
String value expected.
Can be updated without replacement.
encapsulation_mode
Encapsulation mode for the ipsec policy.
String value expected.
Updates cause replacement.
Defaults to "tunnel"
Allowed values: “tunnel”, “transport”
encryption_algorithm
Encryption algorithm for the ipsec policy.
String value expected.
Updates cause replacement.
Defaults to "aes-128"
Allowed values: “3des”, “aes-128”, “aes-192”, “aes-256”
lifetime
Safety assessment lifetime configuration for the ipsec policy.
Map value expected.
Updates cause replacement.
Map properties:
units
Optional.
Safety assessment lifetime units.
String value expected.
Updates cause replacement.
Defaults to "seconds"
Allowed values: “seconds”, “kilobytes”
value
Optional.
Safety assessment lifetime value in specified units.
Integer value expected.
Updates cause replacement.
Defaults to 3600
name
Name for the ipsec policy.
String value expected.
Can be updated without replacement.
pfs
Perfect forward secrecy for the ipsec policy.
String value expected.
Updates cause replacement.
Defaults to "group5"
Allowed values: “group2”, “group5”, “group14”
transform_protocol
Transform protocol for the ipsec policy.
String value expected.
Updates cause replacement.
Defaults to "esp"
Allowed values: “esp”, “ah”, “ah-esp”

Attributes

auth_algorithm

The authentication hash algorithm of the ipsec policy.

description

The description of the ipsec policy.

encapsulation_mode

The encapsulation mode of the ipsec policy.

encryption_algorithm

The encryption algorithm of the ipsec policy.

lifetime

The safety assessment lifetime configuration of the ipsec policy.

name

The name of the ipsec policy.

pfs

The perfect forward secrecy of the ipsec policy.

show

Detailed information about resource.

tenant_id

The unique identifier of the tenant owning the ipsec policy.

transform_protocol

The transform protocol of the ipsec policy.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::IPsecPolicy
    properties:
      auth_algorithm: String
      description: String
      encapsulation_mode: String
      encryption_algorithm: String
      lifetime: {"units": String, "value": Integer}
      name: String
      pfs: String
      transform_protocol: String

OS::Neutron::IPsecSiteConnection

A resource for IPsec site connection in Neutron.

This resource has details for the site-to-site IPsec connection, including the peer CIDRs, MTU, peer address, DPD settings and status.

Required Properties

ikepolicy_id
Unique identifier for the ike policy associated with the ipsec site connection.
String value expected.
Updates cause replacement.
ipsecpolicy_id
Unique identifier for the ipsec policy associated with the ipsec site connection.
String value expected.
Updates cause replacement.
peer_address
Remote branch router public IPv4 address or IPv6 address or FQDN.
String value expected.
Updates cause replacement.
peer_cidrs
Remote subnet(s) in CIDR format.
List value expected.
Updates cause replacement.
List contents:
Optional.
String value expected.
Updates cause replacement.
Value must be of type net_cidr
peer_id
Remote branch router identity.
String value expected.
Updates cause replacement.
psk
Pre-shared key string for the ipsec site connection.
String value expected.
Updates cause replacement.
vpnservice_id
Unique identifier for the vpn service associated with the ipsec site connection.
String value expected.
Updates cause replacement.

Optional Properties

admin_state_up
Administrative state for the ipsec site connection.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description for the ipsec site connection.
String value expected.
Can be updated without replacement.
dpd
Dead Peer Detection protocol configuration for the ipsec site connection.
Map value expected.
Updates cause replacement.
Map properties:
actions
Optional.
Controls DPD protocol mode.
String value expected.
Updates cause replacement.
Defaults to "hold"
Allowed values: “clear”, “disabled”, “hold”, “restart”, “restart-by-peer”
interval
Optional.
Number of seconds for the DPD delay.
Integer value expected.
Updates cause replacement.
Defaults to 30
timeout
Optional.
Number of seconds for the DPD timeout.
Integer value expected.
Updates cause replacement.
Defaults to 120
initiator
Initiator state in lowercase for the ipsec site connection.
String value expected.
Updates cause replacement.
Defaults to "bi-directional"
Allowed values: “bi-directional”, “response-only”
mtu
Maximum transmission unit size (in bytes) for the ipsec site connection.
Integer value expected.
Updates cause replacement.
Defaults to 1500
name
Name for the ipsec site connection.
String value expected.
Can be updated without replacement.

Attributes

admin_state_up

The administrative state of the ipsec site connection.

auth_mode

The authentication mode of the ipsec site connection.

description

The description of the ipsec site connection.

dpd

The dead peer detection protocol configuration of the ipsec site connection.

ikepolicy_id

The unique identifier of ike policy associated with the ipsec site connection.

initiator

The initiator of the ipsec site connection.

ipsecpolicy_id

The unique identifier of ipsec policy associated with the ipsec site connection.

mtu

The maximum transmission unit size (in bytes) of the ipsec site connection.

name

The name of the ipsec site connection.

peer_address

The remote branch router public IPv4 address or IPv6 address or FQDN.

peer_cidrs

The remote subnet(s) in CIDR format of the ipsec site connection.

peer_id

The remote branch router identity of the ipsec site connection.

psk

The pre-shared key string of the ipsec site connection.

route_mode

The route mode of the ipsec site connection.

show

Detailed information about resource.

status

The status of the ipsec site connection.

tenant_id

The unique identifier of the tenant owning the ipsec site connection.

vpnservice_id

The unique identifier of vpn service associated with the ipsec site connection.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::IPsecSiteConnection
    properties:
      admin_state_up: Boolean
      description: String
      dpd: {"actions": String, "interval": Integer, "timeout": Integer}
      ikepolicy_id: String
      initiator: String
      ipsecpolicy_id: String
      mtu: Integer
      name: String
      peer_address: String
      peer_cidrs: [String, String, ...]
      peer_id: String
      psk: String
      vpnservice_id: String

OS::Neutron::L2Gateway

Available since 12.0.0 (Stein)

A resource for managing Neutron L2 Gateways.

The are a number of use cases that can be addressed by an L2 Gateway API. Most notably in cloud computing environments, a typical use case is bridging the virtual with the physical. Translate this to Neutron and the OpenStack world, and this means relying on L2 Gateway capabilities to extend Neutron logical (overlay) networks into physical (provider) networks that are outside the OpenStack realm.

Required Properties

devices
List of gateway devices.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
device_name
Required.
The name of the gateway device.
String value expected.
Can be updated without replacement.
interfaces
List of gateway device interfaces.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
name
Required.
The name of the interface on the gateway device.
String value expected.
Can be updated without replacement.
segmentation_id
A list of segmentation ids of the interface.
List value expected.
Can be updated without replacement.
name
A symbolic name for the l2-gateway, which is not required to be unique.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::L2Gateway
    properties:
      devices: [{"device_name": String, "interfaces": [{"name": String, "segmentation_id": [Value, Value, ...]}, {"name": String, "segmentation_id": [Value, Value, ...]}, ...]}, {"device_name": String, "interfaces": [{"name": String, "segmentation_id": [Value, Value, ...]}, {"name": String, "segmentation_id": [Value, Value, ...]}, ...]}, ...]
      name: String

OS::Neutron::L2GatewayConnection

Available since 12.0.0 (Stein)

A resource for managing Neutron L2 Gateway Connections.

The L2 Gateway Connection provides a mapping to connect a Neutron network to a L2 Gateway on a particular segmentation ID.

Required Properties

l2_gateway_id
A string specifying a id of the l2gateway resource.
String value expected.
Updates cause replacement.
network_id
A string specifying a id of the network resource to connect to the l2gateway.
String value expected.
Updates cause replacement.
Value must be of type neutron.network

Optional Properties

segmentation_id
A string specifying a segmentation id for the interface on the l2gateway.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::L2GatewayConnection
    properties:
      l2_gateway_id: String
      network_id: String
      segmentation_id: String

OS::Neutron::LBaaS::HealthMonitor

Available since 6.0.0 (Mitaka)

A resource to handle load balancer health monitors.

This resource creates and manages Neutron LBaaS v2 healthmonitors, which watches status of the load balanced servers.

Required Properties

delay
The minimum time in milliseconds between regular connections of the member.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
max_retries
Number of permissible connection failures before changing the member status to INACTIVE.
Integer value expected.
Can be updated without replacement.
The value must be in the range 1 to 10.
pool
ID or name of the load balancing pool.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.pool
timeout
Maximum number of milliseconds for a monitor to wait for a connection to be established before it times out.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
type
One of predefined health monitor types.
String value expected.
Updates cause replacement.
Allowed values: “PING”, “TCP”, “HTTP”, “HTTPS”

Optional Properties

admin_state_up
The administrative state of the health monitor.
Boolean value expected.
Can be updated without replacement.
Defaults to true
expected_codes
The HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values: a single value, such as 200. a list, such as 200, 202. a range, such as 200-204.
String value expected.
Can be updated without replacement.
Defaults to "200"
http_method
The HTTP method used for requests by the monitor of type HTTP.
String value expected.
Can be updated without replacement.
Defaults to "GET"
Allowed values: “GET”, “HEAD”, “POST”, “PUT”, “DELETE”, “TRACE”, “OPTIONS”, “CONNECT”, “PATCH”
tenant_id
ID of the tenant who owns the health monitor.
String value expected.
Updates cause replacement.
url_path
The HTTP path used in the HTTP request used by the monitor to test a member health. A valid value is a string the begins with a forward slash (/).
String value expected.
Can be updated without replacement.
Defaults to "/"

Attributes

pools

The list of Pools related to this monitor.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::HealthMonitor
    properties:
      admin_state_up: Boolean
      delay: Integer
      expected_codes: String
      http_method: String
      max_retries: Integer
      pool: String
      tenant_id: String
      timeout: Integer
      type: String
      url_path: String

OS::Neutron::LBaaS::L7Policy

Available since 7.0.0 (Newton)

A resource for managing LBaaS v2 L7Policies.

This resource manages Neutron-LBaaS v2 L7Policies, which represent a collection of L7Rules. L7Policy holds the action that should be performed when the rules are matched (Redirect to Pool, Redirect to URL, Reject). L7Policy holds a Listener id, so a Listener can evaluate a collection of L7Policies. L7Policy will return True when all of the L7Rules that belong to this L7Policy are matched. L7Policies under a specific Listener are ordered and the first l7Policy that returns a match will be executed. When none of the policies match the request gets forwarded to listener.default_pool_id.

Required Properties

action
Action type of the policy.
String value expected.
Can be updated without replacement.
Allowed values: “REJECT”, “REDIRECT_TO_POOL”, “REDIRECT_TO_URL”
listener
ID or name of the listener this policy belongs to.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.listener

Optional Properties

admin_state_up
The administrative state of the policy.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description of the policy.
String value expected.
Can be updated without replacement.
name
Name of the policy.
String value expected.
Can be updated without replacement.
position
L7 policy position in ordered policies list. This must be an integer starting from 1. If not specified, policy will be placed at the tail of existing policies list.
Number value expected.
Can be updated without replacement.
The value must be at least 1.
redirect_pool
ID or name of the pool for REDIRECT_TO_POOL action type.
String value expected.
Can be updated without replacement.
Value must be of type neutron.lbaas.pool
redirect_url
URL for REDIRECT_TO_URL action type. This should be a valid URL string.
String value expected.
Can be updated without replacement.

Attributes

rules

L7Rules associated with this policy.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::L7Policy
    properties:
      action: String
      admin_state_up: Boolean
      description: String
      listener: String
      name: String
      position: Number
      redirect_pool: String
      redirect_url: String

OS::Neutron::LBaaS::L7Rule

Available since 7.0.0 (Newton)

A resource for managing LBaaS v2 L7Rules.

This resource manages Neutron-LBaaS v2 L7Rules, which represent a set of attributes that defines which part of the request should be matched and how it should be matched.

Required Properties

compare_type
Rule compare type.
String value expected.
Can be updated without replacement.
Allowed values: “REGEX”, “STARTS_WITH”, “ENDS_WITH”, “CONTAINS”, “EQUAL_TO”
l7policy
ID or name of L7 policy this rule belongs to.
String value expected.
Updates cause replacement.
type
Rule type.
String value expected.
Can be updated without replacement.
Allowed values: “HOST_NAME”, “PATH”, “FILE_TYPE”, “HEADER”, “COOKIE”
value
Value to compare.
String value expected.
Can be updated without replacement.

Optional Properties

admin_state_up
The administrative state of the rule.
Boolean value expected.
Can be updated without replacement.
Defaults to true
invert
Invert the compare type.
Boolean value expected.
Can be updated without replacement.
Defaults to false
key
Key to compare. Relevant for HEADER and COOKIE types only.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::L7Rule
    properties:
      admin_state_up: Boolean
      compare_type: String
      invert: Boolean
      key: String
      l7policy: String
      type: String
      value: String

OS::Neutron::LBaaS::Listener

Available since 6.0.0 (Mitaka)

A resource for managing LBaaS v2 Listeners.

This resource creates and manages Neutron LBaaS v2 Listeners, which represent a listening endpoint for the vip.

Required Properties

protocol
Protocol on which to listen for the client traffic.
String value expected.
Updates cause replacement.
Allowed values: “TCP”, “HTTP”, “HTTPS”, “TERMINATED_HTTPS”
protocol_port
TCP or UDP port on which to listen for client traffic.
Integer value expected.
Updates cause replacement.
The value must be in the range 1 to 65535.

Optional Properties

admin_state_up
The administrative state of this listener.
Boolean value expected.
Can be updated without replacement.
Defaults to true
connection_limit
The maximum number of connections permitted for this load balancer. Defaults to -1, which is infinite.
Integer value expected.
Can be updated without replacement.
Defaults to -1
The value must be at least -1.
default_pool

Available since 9.0.0 (Pike)

ID or name of the default pool for the listener. Requires shared_pools service extension.
String value expected.
Can be updated without replacement.
Value must be of type neutron.lbaas.pool
default_tls_container_ref
Default TLS container reference to retrieve TLS information.
String value expected.
Can be updated without replacement.
description
Description of this listener.
String value expected.
Can be updated without replacement.
Defaults to ""
loadbalancer
ID or name of the load balancer with which listener is associated.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.loadbalancer
name
Name of this listener.
String value expected.
Can be updated without replacement.
sni_container_refs
List of TLS container references for SNI.
List value expected.
Can be updated without replacement.
tenant_id
The ID of the tenant who owns the listener.
String value expected.
Updates cause replacement.

Attributes

default_pool_id

ID of the default pool this listener is associated to.

loadbalancers

ID of the load balancer this listener is associated to.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::Listener
    properties:
      admin_state_up: Boolean
      connection_limit: Integer
      default_pool: String
      default_tls_container_ref: String
      description: String
      loadbalancer: String
      name: String
      protocol: String
      protocol_port: Integer
      sni_container_refs: [Value, Value, ...]
      tenant_id: String

OS::Neutron::LBaaS::LoadBalancer

Available since 6.0.0 (Mitaka)

A resource for creating LBaaS v2 Load Balancers.

This resource creates and manages Neutron LBaaS v2 Load Balancers, which allows traffic to be directed between servers.

Required Properties

vip_subnet
The name or ID of the subnet on which to allocate the VIP address.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet

Optional Properties

admin_state_up
The administrative state of this Load Balancer.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description of this Load Balancer.
String value expected.
Can be updated without replacement.
Defaults to ""
name
Name of this Load Balancer.
String value expected.
Can be updated without replacement.
provider
Provider for this Load Balancer.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.provider
tenant_id
The ID of the tenant who owns the Load Balancer. Only administrative users can specify a tenant ID other than their own.
String value expected.
Updates cause replacement.
Value must be of type keystone.project
vip_address
IP address for the VIP.
String value expected.
Updates cause replacement.
Value must be of type ip_addr

Attributes

pools

Available since 9.0.0 (Pike)

Pools this LoadBalancer is associated with.

show

Detailed information about resource.

vip_address

The VIP address of the LoadBalancer.

vip_port_id

The VIP port of the LoadBalancer.

vip_subnet_id

The VIP subnet of the LoadBalancer.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::LoadBalancer
    properties:
      admin_state_up: Boolean
      description: String
      name: String
      provider: String
      tenant_id: String
      vip_address: String
      vip_subnet: String

OS::Neutron::LBaaS::Pool

Available since 6.0.0 (Mitaka)

A resource for managing LBaaS v2 Pools.

This resources manages Neutron-LBaaS v2 Pools, which represent a group of nodes. Pools define the subnet where nodes reside, balancing algorithm, and the nodes themselves.

Required Properties

lb_algorithm
The algorithm used to distribute load between the members of the pool.
String value expected.
Can be updated without replacement.
Allowed values: “ROUND_ROBIN”, “LEAST_CONNECTIONS”, “SOURCE_IP”
protocol
Protocol of the pool.
String value expected.
Updates cause replacement.
Allowed values: “TCP”, “HTTP”, “HTTPS”

Optional Properties

admin_state_up
The administrative state of this pool.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description of this pool.
String value expected.
Can be updated without replacement.
Defaults to ""
listener
Listener name or ID to be associated with this pool.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.listener
loadbalancer

Available since 9.0.0 (Pike)

Loadbalancer name or ID to be associated with this pool. Requires shared_pools service extension.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.loadbalancer
name
Name of this pool.
String value expected.
Can be updated without replacement.
session_persistence
Configuration of session persistence.
Map value expected.
Updates cause replacement.
Map properties:
type
Required.
Method of implementation of session persistence feature.
String value expected.
Updates cause replacement.
Allowed values: “SOURCE_IP”, “HTTP_COOKIE”, “APP_COOKIE”

Attributes

healthmonitor_id

ID of the health monitor associated with this pool.

listeners

Listener associated with this pool.

members

Members associated with this pool.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::Pool
    properties:
      admin_state_up: Boolean
      description: String
      lb_algorithm: String
      listener: String
      loadbalancer: String
      name: String
      protocol: String
      session_persistence: {"type": String, "cookie_name": String}

OS::Neutron::LBaaS::PoolMember

Available since 6.0.0 (Mitaka)

A resource for managing LBaaS v2 Pool Members.

A pool member represents a single backend node.

Required Properties

address
IP address of the pool member on the pool network.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
pool
Name or ID of the load balancing pool.
String value expected.
Updates cause replacement.
Value must be of type neutron.lbaas.pool
protocol_port
Port on which the pool member listens for requests or connections.
Integer value expected.
Updates cause replacement.
The value must be in the range 1 to 65535.
subnet
Subnet name or ID of this member.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet

Optional Properties

admin_state_up
The administrative state of the pool member.
Boolean value expected.
Can be updated without replacement.
Defaults to true
weight
Weight of pool member in the pool (default to 1).
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be in the range 0 to 256.

Attributes

address

The IP address of the pool member.

pool_id

The ID of the pool to which the pool member belongs.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::LBaaS::PoolMember
    properties:
      address: String
      admin_state_up: Boolean
      pool: String
      protocol_port: Integer
      subnet: String
      weight: Integer

OS::Neutron::MeteringLabel

Available since 2014.1 (Icehouse)

A resource for creating neutron metering label.

The idea is to meter this at the L3 routers levels. The point is to allow operators to configure IP ranges and to assign a label to them. For example we will be able to set two labels; one for the internal traffic, and the other one for the external traffic. Each label will measure the traffic for a specific set of IP range. Then, bandwidth measurement will be sent for each label to the Oslo notification system and could be collected by Ceilometer.

Optional Properties

description
Description of the metering label.
String value expected.
Updates cause replacement.
name
Name of the metering label.
String value expected.
Updates cause replacement.
shared

Available since 2015.1 (Kilo)

Whether the metering label should be shared across all tenants.
Boolean value expected.
Updates cause replacement.
Defaults to false

Attributes

description

Description of the metering label.

name

Name of the metering label.

shared

Shared status of the metering label.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::MeteringLabel
    properties:
      description: String
      name: String
      shared: Boolean

OS::Neutron::MeteringRule

Available since 2014.1 (Icehouse)

A resource to create rule for some label.

Resource for allowing specified label to measure the traffic for a specific set of ip range.

Required Properties

metering_label_id
The metering label ID to associate with this metering rule.
String value expected.
Updates cause replacement.
remote_ip_prefix
Indicates remote IP prefix to be associated with this metering rule.
String value expected.
Updates cause replacement.

Optional Properties

direction
The direction in which metering rule is applied, either ingress or egress.
String value expected.
Updates cause replacement.
Defaults to "ingress"
Allowed values: “ingress”, “egress”
excluded
Specify whether the remote_ip_prefix will be excluded or not from traffic counters of the metering label. For example to not count the traffic of a specific IP address of a range.
Boolean value expected.
Updates cause replacement.
Defaults to "False"

Attributes

direction

The direction in which metering rule is applied.

excluded

Exclude state for cidr.

metering_label_id

The metering label ID to associate with this metering rule.

remote_ip_prefix

CIDR to be associated with this metering rule.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::MeteringRule
    properties:
      direction: String
      excluded: Boolean
      metering_label_id: String
      remote_ip_prefix: String

OS::Neutron::Net

A resource for managing Neutron net.

A network is a virtual isolated layer-2 broadcast domain which is typically reserved to the tenant who created it, unless the network has been explicitly configured to be shared.

Optional Properties

admin_state_up
A boolean value specifying the administrative status of the network.
Boolean value expected.
Can be updated without replacement.
Defaults to true
dhcp_agent_ids
The IDs of the DHCP agent to schedule the network. Note that the default policy setting in Neutron restricts usage of this property to administrative users only.
List value expected.
Can be updated without replacement.
dns_domain

Available since 7.0.0 (Newton)

DNS domain associated with this network.
String value expected.
Can be updated without replacement.
Value must be of type dns_domain
name
A string specifying a symbolic name for the network, which is not required to be unique.
String value expected.
Can be updated without replacement.
port_security_enabled

Available since 5.0.0 (Liberty)

Flag to enable/disable port security on the network. It provides the default value for the attribute of the ports created on this network.
Boolean value expected.
Can be updated without replacement.
qos_policy

Available since 6.0.0 (Mitaka)

The name or ID of QoS policy to attach to this network.
String value expected.
Can be updated without replacement.
Value must be of type neutron.qos_policy
shared
Whether this network should be shared across all tenants. Note that the default policy setting restricts usage of this attribute to administrative users only.
Boolean value expected.
Can be updated without replacement.
Defaults to false
tags

Available since 9.0.0 (Pike)

The tags to be added to the network.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
tenant_id
The ID of the tenant which will own the network. Only administrative users can set the tenant identifier; this cannot be changed using authorization policies.
String value expected.
Updates cause replacement.
value_specs
Extra parameters to include in the request. Parameters are often specific to installed hardware or extensions.
Map value expected.
Can be updated without replacement.
Defaults to {}

Attributes

admin_state_up

The administrative status of the network.

l2_adjacency

Available since 9.0.0 (Pike)

A boolean value for L2 adjacency, True means that you can expect L2 connectivity throughout the Network.

mtu

Available since 5.0.0 (Liberty)

The maximum transmission unit size(in bytes) for the network.

name

The name of the network.

port_security_enabled

Available since 5.0.0 (Liberty)

Port security enabled of the network.

qos_policy_id

Available since 6.0.0 (Mitaka)

The QoS policy ID attached to this network.

segments

Available since 11.0.0 (Rocky)

The segments of this network.

show

Detailed information about resource.

status

The status of the network.

subnets

Subnets of this network.

tenant_id

The tenant owning this network.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Net
    properties:
      admin_state_up: Boolean
      dhcp_agent_ids: [Value, Value, ...]
      dns_domain: String
      name: String
      port_security_enabled: Boolean
      qos_policy: String
      shared: Boolean
      tags: [String, String, ...]
      tenant_id: String
      value_specs: {...}

OS::Neutron::NetworkGateway

Available since 2014.1 (Icehouse)

Network Gateway resource in Neutron Network Gateway.

Resource for connecting internal networks with specified devices.

Required Properties

devices
Device info for this network gateway.
List value expected.
Can be updated without replacement.
The length must be at least 1.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
id
Required.
The device id for the network gateway.
String value expected.
Can be updated without replacement.
interface_name
Required.
The interface name for the network gateway.
String value expected.
Can be updated without replacement.

Optional Properties

connections
Connection info for this network gateway.
List value expected.
Can be updated without replacement.
Defaults to {}
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
network

Available since 2014.2 (Juno)

Required.
The internal network to connect on the network gateway.
String value expected.
Can be updated without replacement.
Value must be of type neutron.network
segmentation_id
Optional.
The id for L2 segment on the external side of the network gateway. Must be specified when using vlan.
Integer value expected.
Can be updated without replacement.
The value must be in the range 0 to 4094.
segmentation_type
Optional.
L2 segmentation strategy on the external side of the network gateway.
String value expected.
Can be updated without replacement.
Defaults to "flat"
Allowed values: “flat”, “vlan”
name
The name of the network gateway.
String value expected.
Can be updated without replacement.

Attributes

default

A boolean value of default flag.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::NetworkGateway
    properties:
      connections: [{"network_id": String, "network": String, "segmentation_type": String, "segmentation_id": Integer}, {"network_id": String, "network": String, "segmentation_type": String, "segmentation_id": Integer}, ...]
      devices: [{"id": String, "interface_name": String}, {"id": String, "interface_name": String}, ...]
      name: String

OS::Neutron::Port

A resource for managing Neutron ports.

A port represents a virtual switch port on a logical network switch. Virtual instances attach their interfaces into ports. The logical port also defines the MAC address and the IP address(es) to be assigned to the interfaces plugged into them. When IP addresses are associated to a port, this also implies the port is associated with a subnet, as the IP address was taken from the allocation pool for a specific subnet.

Required Properties

network

Available since 2014.2 (Juno)

Network this port belongs to. If you plan to use current port to assign Floating IP, you should specify fixed_ips with subnet. Note if this changes to a different network update, the port will be replaced.
String value expected.
Updates cause replacement.
Value must be of type neutron.network

Optional Properties

admin_state_up
The administrative state of this port.
Boolean value expected.
Can be updated without replacement.
Defaults to true
allowed_address_pairs
Additional MAC/IP address pairs allowed to pass through the port.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
ip_address
Required.
IP address to allow through this port.
String value expected.
Can be updated without replacement.
Value must be of type ip_or_cidr
mac_address
Optional.
MAC address to allow through this port.
String value expected.
Can be updated without replacement.
Value must be of type mac_addr
binding:vnic_type

Available since 2015.1 (Kilo)

The vnic type to be bound on the neutron port. To support SR-IOV PCI passthrough networking, you can request that the neutron port to be realized as normal (virtual nic), direct (pci passthrough), or macvtap (virtual interface with a tap-like software interface). Note that this only works for Neutron deployments that support the bindings extension.
String value expected.
Can be updated without replacement.
Defaults to "normal"
Allowed values: “normal”, “direct”, “macvtap”, “direct-physical”, “baremetal”, “virtio-forwarder”, “smart-nic”
device_id
Device ID of this port.
String value expected.
Can be updated without replacement.
Defaults to ""
device_owner
Name of the network owning the port. The value is typically network:floatingip or network:router_interface or network:dhcp.
String value expected.
Can be updated without replacement.
Defaults to ""
dns_name

Available since 7.0.0 (Newton)

DNS name associated with the port.
String value expected.
Can be updated without replacement.
Value must be of type dns_name
fixed_ips
Desired IPs for this port.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
ip_address
Optional.
IP address desired in the subnet for this port.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
subnet

Available since 2014.2 (Juno)

Optional.
Subnet in which to allocate the IP address for this port.
String value expected.
Can be updated without replacement.
Value must be of type neutron.subnet
mac_address
MAC address to give to this port. The default update policy of this property in neutron is that allow admin role only.
String value expected.
Updates cause replacement.
Value must be of type mac_addr
name
A symbolic name for this port.
String value expected.
Can be updated without replacement.
no_fixed_ips

Available since 16.0.0

Flag to disable all fixed ips on the port.
Boolean value expected.
Can be updated without replacement.
Defaults to false
port_security_enabled

Available since 5.0.0 (Liberty)

Flag to enable/disable port security on the port. When disable this feature(set it to False), there will be no packages filtering, like security-group and address-pairs.
Boolean value expected.
Can be updated without replacement.
qos_policy

Available since 6.0.0 (Mitaka)

The name or ID of QoS policy to attach to this port.
String value expected.
Can be updated without replacement.
Value must be of type neutron.qos_policy
security_groups
Security group IDs to associate with this port.
List value expected.
Can be updated without replacement.
tags

Available since 9.0.0 (Pike)

The tags to be added to the port.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
value_specs
Extra parameters to include in the request.
Map value expected.
Can be updated without replacement.
Defaults to {}

Attributes

admin_state_up

The administrative state of this port.

allowed_address_pairs

Additional MAC/IP address pairs allowed to pass through a port.

device_id

Unique identifier for the device.

device_owner

Name of the network owning the port.

dns_assignment

Available since 7.0.0 (Newton)

The DNS assigned to this port.

fixed_ips

Fixed IP addresses.

mac_address

MAC address of the port.

name

Friendly name of the port.

network

Available since 11.0.0 (Rocky)

The attributes of the network owning the port. (The full list of response parameters can be found in the `Openstack Networking service API reference <https://docs.openstack.org/api-ref/network/>`_.) The following examples demonstrate some (not all) possible expressions. (Obtains the network, the MTU (Maximum transmission unit), the network tags and the l2_adjacency property): ``{get_attr: [<port>, network]}``, ``{get_attr: [<port>, network, mtu]}``, ``{get_attr: [<port>, network, tags]}?``, ``{get_attr: [<port>, network, l2_adjacency]}``.

network_id

Unique identifier for the network owning the port.

port_security_enabled

Available since 5.0.0 (Liberty)

Port security enabled of the port.

qos_policy_id

Available since 6.0.0 (Mitaka)

The QoS policy ID attached to this port.

security_groups

A list of security groups for the port.

show

Detailed information about resource.

status

The status of the port.

subnets

A list of all subnet attributes for the port.

tenant_id

Tenant owning the port.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Port
    properties:
      admin_state_up: Boolean
      allowed_address_pairs: [{"mac_address": String, "ip_address": String}, {"mac_address": String, "ip_address": String}, ...]
      binding:vnic_type: String
      device_id: String
      device_owner: String
      dns_name: String
      fixed_ips: [{"subnet_id": String, "subnet": String, "ip_address": String}, {"subnet_id": String, "subnet": String, "ip_address": String}, ...]
      mac_address: String
      name: String
      network: String
      no_fixed_ips: Boolean
      port_security_enabled: Boolean
      propagate_uplink_status: Boolean
      qos_policy: String
      security_groups: [Value, Value, ...]
      tags: [String, String, ...]
      value_specs: {...}

OS::Neutron::ProviderNet

Available since 2014.1 (Icehouse)

A resource for managing Neutron provider networks.

Provider networks specify details of physical realisation of the existing network.

The default policy usage of this resource is limited to administrators only.

Required Properties

network_type
A string specifying the provider network type for the network.
String value expected.
Can be updated without replacement.
Allowed values: “local”, “vlan”, “vxlan”, “gre”, “geneve”, “flat”

Optional Properties

admin_state_up
A boolean value specifying the administrative status of the network.
Boolean value expected.
Can be updated without replacement.
Defaults to true
dns_domain

Available since 15.0.0 (Victoria)

DNS domain associated with this network.
String value expected.
Can be updated without replacement.
Value must be of type dns_domain
name
A string specifying a symbolic name for the network, which is not required to be unique.
String value expected.
Can be updated without replacement.
physical_network
A string specifying physical network mapping for the network.
String value expected.
Can be updated without replacement.
port_security_enabled

Available since 8.0.0 (Ocata)

Flag to enable/disable port security on the network. It provides the default value for the attribute of the ports created on this network.
Boolean value expected.
Can be updated without replacement.
router_external

Available since 6.0.0 (Mitaka)

Whether the network contains an external router.
Boolean value expected.
Can be updated without replacement.
Defaults to false
segmentation_id
A string specifying the segmentation id for the network.
String value expected.
Can be updated without replacement.
shared
Whether this network should be shared across all tenants.
Boolean value expected.
Can be updated without replacement.
Defaults to true
tags

Available since 12.0.0 (Stein)

The tags to be added to the provider network.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.

Attributes

segments

Available since 16.0.0

The segments of this network.

show

Detailed information about resource.

status

The status of the network.

subnets

Subnets of this network.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::ProviderNet
    properties:
      admin_state_up: Boolean
      dns_domain: String
      name: String
      network_type: String
      physical_network: String
      port_security_enabled: Boolean
      router_external: Boolean
      segmentation_id: String
      shared: Boolean
      tags: [String, String, ...]

OS::Neutron::QoSBandwidthLimitRule

Available since 6.0.0 (Mitaka)

A resource for Neutron QoS bandwidth limit rule.

This rule can be associated with QoS policy, and then the policy can be used by neutron port and network, to provide bandwidth limit QoS capabilities.

The default policy usage of this resource is limited to administrators only.

Required Properties

max_kbps
Max bandwidth in kbps.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
policy
ID or name of the QoS policy.
String value expected.
Updates cause replacement.
Value must be of type neutron.qos_policy

Optional Properties

direction

Available since 13.0.0 (Train)

Traffic direction from the point of view of the port.
String value expected.
Can be updated without replacement.
Defaults to "egress"
Allowed values: “egress”, “ingress”
max_burst_kbps
Max burst bandwidth in kbps.
Integer value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.
tenant_id
The owner tenant ID of this rule.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::QoSBandwidthLimitRule
    properties:
      direction: String
      max_burst_kbps: Integer
      max_kbps: Integer
      policy: String
      tenant_id: String

OS::Neutron::QoSDscpMarkingRule

Available since 7.0.0 (Newton)

A resource for Neutron QoS DSCP marking rule.

This rule can be associated with QoS policy, and then the policy can be used by neutron port and network, to provide DSCP marking QoS capabilities.

The default policy usage of this resource is limited to administrators only.

Required Properties

dscp_mark
DSCP mark between 0 and 56, except 2-6, 42, 44, and 50-54.
Integer value expected.
Can be updated without replacement.
Allowed values: 0, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, 46, 48, 56
policy
ID or name of the QoS policy.
String value expected.
Updates cause replacement.
Value must be of type neutron.qos_policy

Optional Properties

tenant_id
The owner tenant ID of this rule.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::QoSDscpMarkingRule
    properties:
      dscp_mark: Integer
      policy: String
      tenant_id: String

OS::Neutron::QoSMinimumBandwidthRule

Available since 14.0.0 (Ussuri)

A resource for guaranteeing bandwidth.

This rule can be associated with a QoS policy, and then the policy can be used by a neutron port to provide guaranteed bandwidth QoS capabilities.

Depending on drivers the guarantee may be enforced on two levels. First when a server is placed (scheduled) on physical infrastructure and/or second in the data plane of the physical hypervisor. For details please see Neutron documentation:

https://docs.openstack.org/neutron/latest/admin/config-qos-min-bw.html

The default policy usage of this resource is limited to administrators only.

Required Properties

min_kbps
Min bandwidth in kbps.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
policy
ID or name of the QoS policy.
String value expected.
Updates cause replacement.
Value must be of type neutron.qos_policy

Optional Properties

direction
Traffic direction from the point of view of the port.
String value expected.
Can be updated without replacement.
Defaults to "egress"
Allowed values: “egress”, “ingress”
tenant_id
The owner tenant ID of this rule.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::QoSMinimumBandwidthRule
    properties:
      direction: String
      min_kbps: Integer
      policy: String
      tenant_id: String

OS::Neutron::QoSPolicy

Available since 6.0.0 (Mitaka)

A resource for Neutron QoS Policy.

This QoS policy can be associated with neutron resources, such as port and network, to provide QoS capabilities.

The default policy usage of this resource is limited to administrators only.

Optional Properties

description
The description for the QoS policy.
String value expected.
Can be updated without replacement.
name
The name for the QoS policy.
String value expected.
Can be updated without replacement.
shared
Whether this QoS policy should be shared to other tenants.
Boolean value expected.
Can be updated without replacement.
Defaults to false
tenant_id
The owner tenant ID of this QoS policy.
String value expected.
Updates cause replacement.

Attributes

rules

A list of all rules for the QoS policy.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::QoSPolicy
    properties:
      description: String
      name: String
      shared: Boolean
      tenant_id: String

OS::Neutron::Quota

Available since 8.0.0 (Ocata)

A resource for managing neutron quotas.

Neutron Quota is used to manage operational limits for projects. Currently, this resource can manage Neutron’s quotas for:

  • subnet

  • network

  • floatingip

  • security_group_rule

  • security_group

  • router

  • port

  • subnetpool

  • rbac_policy

Note that default neutron security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Neutron Quota resource per project, otherwise it will be hard for them to manage the quota properly.

Required Properties

project
Name or id of the project to set the quota for.
String value expected.
Updates cause replacement.
Value must be of type keystone.project

Optional Properties

floatingip
Quota for the number of floating IPs. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
network
Quota for the number of networks. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
port
Quota for the number of ports. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
rbac_policy

Available since 12.0.0 (Stein)

Quota for the number of rbac policies. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
router
Quota for the number of routers. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
security_group
Quota for the number of security groups. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
security_group_rule
Quota for the number of security group rules. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
subnet
Quota for the number of subnets. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
subnetpool

Available since 12.0.0 (Stein)

Quota for the number of subnet pools. Setting -1 means unlimited.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Quota
    properties:
      floatingip: Integer
      network: Integer
      port: Integer
      project: String
      rbac_policy: Integer
      router: Integer
      security_group: Integer
      security_group_rule: Integer
      subnet: Integer
      subnetpool: Integer

OS::Neutron::RBACPolicy

Available since 6.0.0 (Mitaka)

A Resource for managing RBAC policy in Neutron.

This resource creates and manages Neutron RBAC policy, which allows to share Neutron networks and qos-policies to subsets of tenants.

Required Properties

action
Action for the RBAC policy. The allowed actions differ for different object types - only network objects can have an access_as_external action.
String value expected.
Updates cause replacement.
Allowed values: “access_as_shared”, “access_as_external”
object_id
ID or name of the RBAC object.
String value expected.
Updates cause replacement.
object_type
Type of the object that RBAC policy affects.
String value expected.
Updates cause replacement.
Allowed values: “network”, “qos_policy”
target_tenant
ID of the tenant to which the RBAC policy will be enforced.
String value expected.
Can be updated without replacement.

Optional Properties

tenant_id
The owner tenant ID. Only required if the caller has an administrative role and wants to create a RBAC for another tenant.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::RBACPolicy
    properties:
      action: String
      object_id: String
      object_type: String
      target_tenant: String
      tenant_id: String

OS::Neutron::Router

A resource that implements Neutron router.

Router is a physical or virtual network device that passes network traffic between different networks.

Optional Properties

admin_state_up
The administrative state of the router.
Boolean value expected.
Can be updated without replacement.
Defaults to true
distributed

Available since 2015.1 (Kilo)

Indicates whether or not to create a distributed router. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only. This property can not be used in conjunction with the L3 agent ID.
Boolean value expected.
Updates cause replacement.
external_gateway_info
External network gateway configuration for a router.
Map value expected.
Can be updated without replacement.
Map properties:
enable_snat
Optional.
Enables Source NAT on the router gateway. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.
Boolean value expected.
Can be updated without replacement.
external_fixed_ips

Available since 6.0.0 (Mitaka)

External fixed IP addresses for the gateway.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
ip_address
Optional.
External fixed IP address.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
subnet
Optional.
Subnet of external fixed IP address.
String value expected.
Can be updated without replacement.
Value must be of type neutron.subnet
network
Required.
ID or name of the external network for the gateway.
String value expected.
Can be updated without replacement.
ha

Available since 2015.1 (Kilo)

Indicates whether or not to create a highly available router. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only. And now neutron do not support distributed and ha at the same time.
Boolean value expected.
Updates cause replacement.
l3_agent_ids

Available since 2015.1 (Kilo)

ID list of the L3 agent. User can specify multi-agents for highly available router. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
name
The name of the router.
String value expected.
Can be updated without replacement.
tags

Available since 9.0.0 (Pike)

The tags to be added to the router.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
value_specs
Extra parameters to include in the creation request.
Map value expected.
Can be updated without replacement.
Defaults to {}

Attributes

admin_state_up

Administrative state of the router.

external_gateway_info

Gateway network for the router.

name

Friendly name of the router.

show

Detailed information about resource.

status

The status of the router.

tenant_id

Tenant owning the router.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Router
    properties:
      admin_state_up: Boolean
      distributed: Boolean
      external_gateway_info: {"network": String, "enable_snat": Boolean, "external_fixed_ips": [{"ip_address": String, "subnet": String}, {"ip_address": String, "subnet": String}, ...]}
      ha: Boolean
      l3_agent_ids: [String, String, ...]
      name: String
      tags: [String, String, ...]
      value_specs: {...}

OS::Neutron::RouterInterface

A resource for managing Neutron router interfaces.

Router interfaces associate routers with existing subnets or ports.

Required Properties

router
The router.
String value expected.
Updates cause replacement.
Value must be of type neutron.router

Optional Properties

port

Available since 2015.1 (Kilo)

The port, either subnet or port should be specified.
String value expected.
Updates cause replacement.
Value must be of type neutron.port
subnet
The subnet, either subnet or port should be specified.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::RouterInterface
    properties:
      port: String
      router: String
      subnet: String

OS::Neutron::SecurityGroup

Available since 2014.1 (Icehouse)

A resource for managing Neutron security groups.

Security groups are sets of IP filter rules that are applied to an instance’s networking. They are project specific, and project members can edit the default rules for their group and add new rules sets. All projects have a “default” security group, which is applied to instances that have no other security group defined.

Optional Properties

description
Description of the security group.
String value expected.
Can be updated without replacement.
name
A string specifying a symbolic name for the security group, which is not required to be unique.
String value expected.
Can be updated without replacement.
rules
List of security group rules.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
direction
Optional.
The direction in which the security group rule is applied. For a compute instance, an ingress security group rule matches traffic that is incoming (ingress) for that instance. An egress rule is applied to traffic leaving the instance.
String value expected.
Can be updated without replacement.
Defaults to "ingress"
Allowed values: “ingress”, “egress”
ethertype
Optional.
Ethertype of the traffic.
String value expected.
Can be updated without replacement.
Defaults to "IPv4"
Allowed values: “IPv4”, “IPv6”
port_range_max
Optional.
The maximum port number in the range that is matched by the security group rule. The port_range_min attribute constrains the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP type.
Integer value expected.
Can be updated without replacement.
The value must be in the range 0 to 65535.
port_range_min
Optional.
The minimum port number in the range that is matched by the security group rule. If the protocol is TCP or UDP, this value must be less than or equal to the value of the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP type.
Integer value expected.
Can be updated without replacement.
The value must be in the range 0 to 65535.
protocol
Optional.
The protocol that is matched by the security group rule. Valid values include tcp, udp, and icmp.
String value expected.
Can be updated without replacement.
remote_group_id
Optional.
The remote group ID to be associated with this security group rule. If no value is specified then this rule will use this security group for the remote_group_id. The remote mode parameter must be set to “remote_group_id”.
String value expected.
Can be updated without replacement.
Value must be of type neutron.security_group
remote_ip_prefix
Optional.
The remote IP prefix (CIDR) to be associated with this security group rule.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr
remote_mode
Optional.
Whether to specify a remote group or a remote IP prefix.
String value expected.
Can be updated without replacement.
Defaults to "remote_ip_prefix"
Allowed values: “remote_ip_prefix”, “remote_group_id”

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::SecurityGroup
    properties:
      description: String
      name: String
      rules: [{"direction": String, "ethertype": String, "port_range_min": Integer, "port_range_max": Integer, "protocol": String, "remote_mode": String, "remote_group_id": String, "remote_ip_prefix": String}, {"direction": String, "ethertype": String, "port_range_min": Integer, "port_range_max": Integer, "protocol": String, "remote_mode": String, "remote_group_id": String, "remote_ip_prefix": String}, ...]

OS::Neutron::SecurityGroupRule

Available since 7.0.0 (Newton)

A resource for managing Neutron security group rules.

Rules to use in security group resource.

Required Properties

security_group
Security group name or ID to add rule.
String value expected.
Updates cause replacement.
Value must be of type neutron.security_group

Optional Properties

description
Description of the security group rule.
String value expected.
Updates cause replacement.
direction
The direction in which the security group rule is applied. For a compute instance, an ingress security group rule matches traffic that is incoming (ingress) for that instance. An egress rule is applied to traffic leaving the instance.
String value expected.
Updates cause replacement.
Defaults to "ingress"
Allowed values: “ingress”, “egress”
ethertype
Ethertype of the traffic.
String value expected.
Updates cause replacement.
Defaults to "IPv4"
Allowed values: “IPv4”, “IPv6”
port_range_max
The maximum port number in the range that is matched by the security group rule. The port_range_min attribute constrains the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP code.
Integer value expected.
Updates cause replacement.
The value must be in the range 0 to 65535.
port_range_min
The minimum port number in the range that is matched by the security group rule. If the protocol is TCP or UDP, this value must be less than or equal to the value of the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP type.
Integer value expected.
Updates cause replacement.
The value must be in the range 0 to 65535.
protocol
The protocol that is matched by the security group rule. Allowed values are ah, dccp, egp, esp, gre, icmp, icmpv6, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255].
String value expected.
Updates cause replacement.
Defaults to "tcp"
Allowed values: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255, “ah”, “dccp”, “egp”, “esp”, “gre”, “icmp”, “icmpv6”, “igmp”, “ipv6-encap”, “ipv6-frag”, “ipv6-icmp”, “ipv6-nonxt”, “ipv6-opts”, “ipv6-route”, “ospf”, “pgm”, “rsvp”, “sctp”, “tcp”, “udp”, “udplite”, “vrrp”
remote_group
The remote group name or ID to be associated with this security group rule.
String value expected.
Updates cause replacement.
Value must be of type neutron.security_group
remote_ip_prefix
The remote IP prefix (CIDR) to be associated with this security group rule.
String value expected.
Updates cause replacement.
Value must be of type net_cidr

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::SecurityGroupRule
    properties:
      description: String
      direction: String
      ethertype: String
      port_range_max: Integer
      port_range_min: Integer
      protocol: String
      remote_group: String
      remote_ip_prefix: String
      security_group: String

OS::Neutron::Segment

Available since 9.0.0 (Pike)

A resource for Neutron Segment.

This requires enabling the segments service plug-in by appending ‘segments’ to the list of service_plugins in the neutron.conf.

The default policy usage of this resource is limited to administrators only.

Required Properties

network
The name/id of network to associate with this segment.
String value expected.
Updates cause replacement.
Value must be of type neutron.network
network_type
Type of network to associate with this segment.
String value expected.
Updates cause replacement.
Allowed values: “local”, “vlan”, “vxlan”, “gre”, “geneve”, “flat”

Optional Properties

description
Description of the segment.
String value expected.
Can be updated without replacement.
name
Name of the segment.
String value expected.
Can be updated without replacement.
physical_network
Name of physical network to associate with this segment.
String value expected.
Updates cause replacement.
segmentation_id
Segmentation ID for this segment.
Integer value expected.
Updates cause replacement.
The value must be at least 1.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Segment
    properties:
      description: String
      name: String
      network: String
      network_type: String
      physical_network: String
      segmentation_id: Integer

OS::Neutron::Subnet

A resource for managing Neutron subnets.

A subnet represents an IP address block that can be used for assigning IP addresses to virtual instances. Each subnet must have a CIDR and must be associated with a network. IPs can be either selected from the whole subnet CIDR, or from “allocation pools” that can be specified by the user.

Required Properties

network

Available since 2014.2 (Juno)

The ID of the attached network.
String value expected.
Updates cause replacement.
Value must be of type neutron.network

Optional Properties

allocation_pools
The start and end addresses for the allocation pools.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
end
Required.
End address for the allocation pool.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
start
Required.
Start address for the allocation pool.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
cidr
The CIDR.
String value expected.
Updates cause replacement.
Value must be of type net_cidr
dns_nameservers
A specified set of DNS name servers to be used.
List value expected.
Can be updated without replacement.
Defaults to []
enable_dhcp
Set to true if DHCP is enabled and false if DHCP is disabled.
Boolean value expected.
Can be updated without replacement.
Defaults to true
gateway_ip
The gateway IP address. Set to any of [ null | ~ | “” ] to create/update a subnet without a gateway. If omitted when creation, neutron will assign the first free IP address within the subnet to the gateway automatically. If remove this from template when update, the old gateway IP address will be detached.
String value expected.
Can be updated without replacement.
host_routes
A list of host route dictionaries for the subnet.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
destination
Required.
The destination for static route.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr
nexthop
Required.
The next hop for the destination.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
ip_version
The IP version, which is 4 or 6.
Integer value expected.
Updates cause replacement.
Defaults to 4
Allowed values: 4, 6
ipv6_address_mode

Available since 2015.1 (Kilo)

IPv6 address mode.
String value expected.
Updates cause replacement.
Allowed values: “dhcpv6-stateful”, “dhcpv6-stateless”, “slaac”
ipv6_ra_mode

Available since 2015.1 (Kilo)

IPv6 RA (Router Advertisement) mode.
String value expected.
Updates cause replacement.
Allowed values: “dhcpv6-stateful”, “dhcpv6-stateless”, “slaac”
name
The name of the subnet.
String value expected.
Can be updated without replacement.
prefixlen

Available since 6.0.0 (Mitaka)

Prefix length for subnet allocation from subnet pool.
Integer value expected.
Updates cause replacement.
The value must be at least 0.
segment

Available since 11.0.0 (Rocky) - Update allowed since version 11.0.0.

Available since 9.0.0 (Pike)

The name/ID of the segment to associate.
String value expected.
Can be updated without replacement.
Value must be of type neutron.segment
subnetpool

Available since 6.0.0 (Mitaka)

The name or ID of the subnet pool.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnetpool
tags

Available since 9.0.0 (Pike)

The tags to be added to the subnet.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
tenant_id
The ID of the tenant who owns the network. Only administrative users can specify a tenant ID other than their own.
String value expected.
Updates cause replacement.
value_specs
Extra parameters to include in the request.
Map value expected.
Can be updated without replacement.
Defaults to {}

Attributes

allocation_pools

Ip allocation pools and their ranges.

cidr

CIDR block notation for this subnet.

dns_nameservers

List of dns nameservers.

enable_dhcp

‘true’ if DHCP is enabled for this subnet; ‘false’ otherwise.

gateway_ip

Ip of the subnet’s gateway.

host_routes

Additional routes for this subnet.

ip_version

Ip version for the subnet.

name

Friendly name of the subnet.

network_id

Parent network of the subnet.

show

Detailed information about resource.

tenant_id

Tenant owning the subnet.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Subnet
    properties:
      allocation_pools: [{"start": String, "end": String}, {"start": String, "end": String}, ...]
      cidr: String
      dns_nameservers: [Value, Value, ...]
      enable_dhcp: Boolean
      gateway_ip: String
      host_routes: [{"destination": String, "nexthop": String}, {"destination": String, "nexthop": String}, ...]
      ip_version: Integer
      ipv6_address_mode: String
      ipv6_ra_mode: String
      name: String
      network: String
      prefixlen: Integer
      segment: String
      subnetpool: String
      tags: [String, String, ...]
      tenant_id: String
      value_specs: {...}

OS::Neutron::SubnetPool

Available since 6.0.0 (Mitaka)

A resource that implements neutron subnet pool.

This resource can be used to create a subnet pool with a large block of addresses and create subnets from it.

Required Properties

prefixes
List of subnet prefixes to assign.
List value expected.
Can be updated without replacement.
The length must be at least 1.
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr

Optional Properties

address_scope
An address scope ID to assign to the subnet pool.
String value expected.
Can be updated without replacement.
Value must be of type neutron.address_scope
default_prefixlen
The size of the prefix to allocate when the cidr or prefixlen attributes are not specified while creating a subnet.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
default_quota
A per-tenant quota on the prefix space that can be allocated from the subnet pool for tenant subnets.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
is_default
Whether this is default IPv4/IPv6 subnet pool. There can only be one default subnet pool for each IP family. Note that the default policy setting restricts administrative users to set this to True.
Boolean value expected.
Can be updated without replacement.
Defaults to false
max_prefixlen
Maximum prefix size that can be allocated from the subnet pool.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
min_prefixlen
Smallest prefix size that can be allocated from the subnet pool.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
name
Name of the subnet pool.
String value expected.
Can be updated without replacement.
shared
Whether the subnet pool will be shared across all tenants. Note that the default policy setting restricts usage of this attribute to administrative users only.
Boolean value expected.
Updates cause replacement.
Defaults to false
tags

Available since 9.0.0 (Pike)

The tags to be added to the subnetpool.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
tenant_id
The ID of the tenant who owns the subnet pool. Only administrative users can specify a tenant ID other than their own.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::SubnetPool
    properties:
      address_scope: String
      default_prefixlen: Integer
      default_quota: Integer
      is_default: Boolean
      max_prefixlen: Integer
      min_prefixlen: Integer
      name: String
      prefixes: [String, String, ...]
      shared: Boolean
      tags: [String, String, ...]
      tenant_id: String

OS::Neutron::TaaS::TapFlow

Available since 12.0.0 (Stein)

A resource for neutron tap-as-a-service tap-flow.

This plug-in requires neutron-taas. So to enable this plug-in, install this library and restart the heat-engine.

A Tap-Flow represents the port from which the traffic needs to be mirrored.

Required Properties

port
ID or name of the tap-flow neutron port.
String value expected.
Updates cause replacement.
Value must be of type neutron.port
tap_service
ID or name of the neutron tap-service.
String value expected.
Updates cause replacement.
Value must be of type neutron.taas.tap_service

Optional Properties

description
Description for the Tap-Flow.
String value expected.
Can be updated without replacement.
Defaults to ""
direction
The Direction to capture the traffic on.
String value expected.
Updates cause replacement.
Defaults to "BOTH"
Allowed values: “IN”, “OUT”, “BOTH”
name
Name for the Tap-Flow.
String value expected.
Can be updated without replacement.
Defaults to ""
vlan_filter
Comma separated list of VLANs, data for which needs to be captured on probe VM.
String value expected.
Updates cause replacement.
Value must match pattern: ^([0-9]+(-[0-9]+)?)(,([0-9]+(-[0-9]+)?))*$

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::TaaS::TapFlow
    properties:
      description: String
      direction: String
      name: String
      port: String
      tap_service: String
      vlan_filter: String

OS::Neutron::TaaS::TapService

Available since 12.0.0 (Stein)

A resource for neutron tap-as-a-service tap-service.

This plug-in requires neutron-taas. So to enable this plug-in, install this library and restart the heat-engine.

A Tap-Service represents the port on which the mirrored traffic is delivered. Any VM that uses the mirrored data is attached to this port.

Required Properties

port
ID or name of the tap-service neutron port.
String value expected.
Updates cause replacement.
Value must be of type neutron.port

Optional Properties

description
Description for the Tap-Service.
String value expected.
Can be updated without replacement.
Defaults to ""
name
Name for the Tap-Service.
String value expected.
Can be updated without replacement.
Defaults to ""

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::TaaS::TapService
    properties:
      description: String
      name: String
      port: String

OS::Neutron::Trunk

Available since 9.0.0 (Pike)

A resource for managing Neutron trunks.

Requires Neutron Trunk Extension to be enabled:

$ openstack extension show trunk

The network trunk service allows multiple networks to be connected to an instance using a single virtual NIC (vNIC). Multiple networks can be presented to an instance by connecting the instance to a single port.

Users can create a port, associate it with a trunk (as the trunk’s parent) and launch an instance on that port. Users can dynamically attach and detach additional networks without disrupting operation of the instance.

Every trunk has a parent port and can have any number (0, 1, …) of subports. The parent port is the port that the instance is directly associated with and its traffic is always untagged inside the instance. Users must specify the parent port of the trunk when launching an instance attached to a trunk.

A network presented by a subport is the network of the associated port. When creating a subport, a segmentation_type and segmentation_id may be required by the driver so the user can distinguish the networks inside the instance. As of release Pike only segmentation_type vlan is supported. segmentation_id defines the segmentation ID on which the subport network is presented to the instance.

Note that some Neutron backends (primarily Open vSwitch) only allow trunk creation before an instance is booted on the parent port. To avoid a possible race condition when booting an instance with a trunk it is strongly recommended to refer to the trunk’s parent port indirectly in the template via get_attr. For example:

trunk:
  type: OS::Neutron::Trunk
  properties:
    port: ...
instance:
  type: OS::Nova::Server
  properties:
    networks:
      - { port: { get_attr: [trunk, port_id] } }

Though other Neutron backends may tolerate the direct port reference (and the possible reverse ordering of API requests implied) it’s a good idea to avoid writing Neutron backend specific templates.

Required Properties

port
ID or name of a port to be used as a parent port.
String value expected.
Updates are not supported. Resource update will fail on any attempt to update this property.
Value must be of type neutron.port

Optional Properties

admin_state_up
Enable/disable subport addition, removal and trunk delete.
Boolean value expected.
Can be updated without replacement.
description
Description for the trunk.
String value expected.
Can be updated without replacement.
name
A string specifying a symbolic name for the trunk, which is not required to be uniqe.
String value expected.
Can be updated without replacement.
sub_ports
List with 0 or more map elements containing subport details.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
port
Required.
ID or name of a port to be used as a subport.
String value expected.
Can be updated without replacement.
Value must be of type neutron.port
segmentation_id
Required.
The segmentation ID on which the subport network is presented to the instance.
Integer value expected.
Can be updated without replacement.
The value must be in the range 1 to 4094.
segmentation_type
Required.
Segmentation type to be used on the subport.
String value expected.
Can be updated without replacement.
Allowed values: “vlan”

Attributes

port_id

ID or name of a port used as a parent port.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::Trunk
    properties:
      admin_state_up: Boolean
      description: String
      name: String
      port: String
      sub_ports: [{"port": String, "segmentation_type": String, "segmentation_id": Integer}, {"port": String, "segmentation_type": String, "segmentation_id": Integer}, ...]

OS::Neutron::VPNService

A resource for VPN service in Neutron.

VPN service is a high level object that associates VPN with a specific subnet and router.

Required Properties

router

Available since 2015.1 (Kilo)

The router to which the vpn service will be inserted.
String value expected.
Updates cause replacement.
Value must be of type neutron.router
subnet

Available since 2014.2 (Juno)

Subnet in which the vpn service will be created.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet

Optional Properties

admin_state_up
Administrative state for the vpn service.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description for the vpn service.
String value expected.
Can be updated without replacement.
name
Name for the vpn service.
String value expected.
Can be updated without replacement.

Attributes

admin_state_up

The administrative state of the vpn service.

description

The description of the vpn service.

name

The name of the vpn service.

router_id

The unique identifier of the router to which the vpn service was inserted.

show

Detailed information about resource.

status

The status of the vpn service.

subnet_id

The unique identifier of the subnet in which the vpn service was created.

tenant_id

The unique identifier of the tenant owning the vpn service.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Neutron::VPNService
    properties:
      admin_state_up: Boolean
      description: String
      name: String
      router: String
      subnet: String

OS::Nova::Flavor

Available since 2014.2 (Juno)

A resource for creating OpenStack virtual hardware templates.

Due to default nova security policy usage of this resource is limited to being used by administrators only. The rights may also be delegated to other users by redefining the access controls on the nova-api server.

Note that the current implementation of the Nova Flavor resource does not allow specifying the name and flavorid properties for the resource. This is done to avoid potential naming collision upon flavor creation as all flavor have a global scope.

Required Properties

ram
Memory in MB for the flavor.
Integer value expected.
Updates cause replacement.
vcpus
Number of VCPUs for the flavor.
Integer value expected.
Updates cause replacement.

Optional Properties

disk
Size of local disk in GB. The “0” size is a special case that uses the native base image size as the size of the ephemeral root volume.
Integer value expected.
Updates cause replacement.
Defaults to 0
ephemeral
Size of a secondary ephemeral data disk in GB.
Integer value expected.
Updates cause replacement.
Defaults to 0
extra_specs
Key/Value pairs to extend the capabilities of the flavor.
Map value expected.
Can be updated without replacement.
flavorid

Available since 7.0.0 (Newton)

Unique ID of the flavor. If not specified, an UUID will be auto generated and used.
String value expected.
Updates cause replacement.
is_public

Available since 6.0.0 (Mitaka)

Scope of flavor accessibility. Public or private. Default value is True, means public, shared across all projects.
Boolean value expected.
Updates cause replacement.
Defaults to true
name

Available since 7.0.0 (Newton)

Name of the flavor.
String value expected.
Updates cause replacement.
rxtx_factor
RX/TX factor.
Number value expected.
Updates cause replacement.
Defaults to 1.0
swap
Swap space in MB.
Integer value expected.
Updates cause replacement.
Defaults to 0
tenants

Available since 8.0.0 (Ocata)

List of tenants.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type keystone.project

Attributes

extra_specs

Available since 7.0.0 (Newton)

Extra specs of the flavor in key-value pairs.

is_public

Available since 6.0.0 (Mitaka)

Whether the flavor is shared across all projects.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Nova::Flavor
    properties:
      disk: Integer
      ephemeral: Integer
      extra_specs: {...}
      flavorid: String
      is_public: Boolean
      name: String
      ram: Integer
      rxtx_factor: Number
      swap: Integer
      tenants: [String, String, ...]
      vcpus: Integer

OS::Nova::HostAggregate

Available since 6.0.0 (Mitaka)

A resource for further partition an availability zone with hosts.

While availability zones are visible to users, host aggregates are only visible to administrators. Host aggregates started out as a way to use Xen hypervisor resource pools, but has been generalized to provide a mechanism to allow administrators to assign key-value pairs to groups of machines. Each node can have multiple aggregates, each aggregate can have multiple key-value pairs, and the same key-value pair can be assigned to multiple aggregate. This information can be used in the scheduler to enable advanced scheduling, to set up xen hypervisor resources pools or to define logical groups for migration.

Required Properties

name
Name for the aggregate.
String value expected.
Can be updated without replacement.

Optional Properties

availability_zone
Name for the availability zone.
String value expected.
Can be updated without replacement.
hosts
List of hosts to join aggregate.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type nova.host
metadata
Arbitrary key/value metadata to store information for aggregate.
Map value expected.
Can be updated without replacement.
Defaults to {}

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Nova::HostAggregate
    properties:
      availability_zone: String
      hosts: [String, String, ...]
      metadata: {...}
      name: String

OS::Nova::KeyPair

Available since 2014.1 (Icehouse)

A resource for creating Nova key pairs.

A keypair is a ssh key that can be injected into a server on launch.

Note that if a new key is generated setting save_private_key to True results in the system saving the private key which can then be retrieved via the private_key attribute of this resource.

Setting the public_key property means that the private_key attribute of this resource will always return an empty string regardless of the save_private_key setting since there will be no private key data to save.

Required Properties

name
The name of the key pair.
String value expected.
Updates cause replacement.
The length must be in the range 1 to 255.

Optional Properties

public_key
The optional public key. This allows users to supply the public key from a pre-existing key pair. If not supplied, a new key pair will be generated.
String value expected.
Updates cause replacement.
save_private_key
True if the system should remember a generated private key; False otherwise.
Boolean value expected.
Updates cause replacement.
Defaults to false
type

Available since 8.0.0 (Ocata)

Keypair type. Supported since Nova api version 2.2.
String value expected.
Updates cause replacement.
Allowed values: “ssh”, “x509”
user

Available since 9.0.0 (Pike)

ID or name of user to whom to add key-pair. The usage of this property is limited to being used by administrators only. Supported since Nova api version 2.10.
String value expected.
Updates cause replacement.
Value must be of type keystone.user

Attributes

private_key

The private key if it has been saved.

public_key

The public key.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Nova::KeyPair
    properties:
      name: String
      public_key: String
      save_private_key: Boolean
      type: String
      user: String

OS::Nova::Quota

Available since 8.0.0 (Ocata)

A resource for creating nova quotas.

Nova Quota is used to manage operational limits for projects. Currently, this resource can manage Nova’s quotas for:

  • cores

  • fixed_ips

  • floating_ips

  • instances

  • injected_files

  • injected_file_content_bytes

  • injected_file_path_bytes

  • key_pairs

  • metadata_items

  • ram

  • security_groups

  • security_group_rules

  • server_groups

  • server_group_members

Note that default nova security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Nova Quota resource per project, otherwise it will be hard for them to manage the quota properly.

Required Properties

project
Name or id of the project to set the quota for.
String value expected.
Updates cause replacement.
Value must be of type keystone.project

Optional Properties

cores
Quota for the number of cores. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
fixed_ips
Quota for the number of fixed IPs. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
floating_ips
Quota for the number of floating IPs. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
instances
Quota for the number of instances. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
key_pairs
Quota for the number of key pairs. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
metadata_items
Quota for the number of metadata items. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
ram
Quota for the amount of ram (in megabytes). Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
security_group_rules
Quota for the number of security group rules. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
security_groups
Quota for the number of security groups. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
server_group_members
Quota for the number of server group members. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
server_groups
Quota for the number of server groups. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
injected_file_content_bytes

DEPRECATED since 14.0.0 (Ussuri) - File injection is deprecated from compute REST API OS::Nova::Quota resource will not support it in the future.

Quota for the number of injected file content bytes. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
injected_file_path_bytes

DEPRECATED since 14.0.0 (Ussuri) - File injection is deprecated from compute REST API OS::Nova::Quota resource will not support it in the future.

Quota for the number of injected file path bytes. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
injected_files

DEPRECATED since 14.0.0 (Ussuri) - File injection is deprecated from compute REST API OS::Nova::Quota resource will not support it in the future.

Quota for the number of injected files. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Nova::Quota
    properties:
      cores: Integer
      fixed_ips: Integer
      floating_ips: Integer
      instances: Integer
      key_pairs: Integer
      metadata_items: Integer
      project: String
      ram: Integer
      security_group_rules: Integer
      security_groups: Integer
      server_group_members: Integer
      server_groups: Integer

OS::Nova::Server

A resource for managing Nova instances.

A Server resource manages the running virtual machine instance within an OpenStack cloud.

Required Properties

flavor
The ID or name of the flavor to boot onto.
String value expected.
Can be updated without replacement.
Value must be of type nova.flavor

Optional Properties

admin_pass
The administrator password for the server.
String value expected.
Can be updated without replacement.
availability_zone
Name of the availability zone for server placement.
String value expected.
Updates cause replacement.
block_device_mapping
Block device mappings for this server.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
delete_on_termination
Optional.
Indicate whether the volume should be deleted when the server is terminated.
Boolean value expected.
Updates cause replacement.
device_name
Required.
A device name where the volume will be attached in the system at /dev/device_name. This value is typically vda.
String value expected.
Updates cause replacement.
snapshot_id
Optional.
The ID of the snapshot to create a volume from.
String value expected.
Updates cause replacement.
Value must be of type cinder.snapshot
volume_id
Optional.
The ID of the volume to boot from. Only one of volume_id or snapshot_id should be provided.
String value expected.
Updates cause replacement.
Value must be of type cinder.volume
volume_size
Optional.
The size of the volume, in GB. It is safe to leave this blank and have the Compute service infer the size.
Integer value expected.
Updates cause replacement.
block_device_mapping_v2

Available since 2015.1 (Kilo)

Block device mappings v2 for this server.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
boot_index
Optional.
Integer used for ordering the boot disks. If it is not specified, value “0” will be set for bootable sources (volume, snapshot, image); value “-1” will be set for non-bootable sources.
Integer value expected.
Updates cause replacement.
delete_on_termination
Optional.
Indicate whether the volume should be deleted when the server is terminated. Defaults to “False” in case of a volume, snapshot or image and to “True” in case of swap or ephemeral.
Boolean value expected.
Updates cause replacement.
device_name
Optional.
A device name where the volume will be attached in the system at /dev/device_name. This value is typically vda.
String value expected.
Updates cause replacement.
device_type
Optional.
Device type: at the moment we can make distinction only between disk and cdrom.
String value expected.
Updates cause replacement.
Allowed values: “cdrom”, “disk”
disk_bus
Optional.
Bus of the device: hypervisor driver chooses a suitable default if omitted.
String value expected.
Updates cause replacement.
Allowed values: “ide”, “lame_bus”, “scsi”, “usb”, “virtio”
ephemeral_format

Available since 8.0.0 (Ocata)

Optional.
The format of the local ephemeral block device. If no format is specified, uses default value, defined in nova configuration file.
String value expected.
Updates cause replacement.
Allowed values: “ext2”, “ext3”, “ext4”, “xfs”, “ntfs”
ephemeral_size

Available since 8.0.0 (Ocata)

Optional.
The size of the local ephemeral block device, in GB.
Integer value expected.
Updates cause replacement.
The value must be at least 1.
image

Available since 7.0.0 (Newton)

Optional.
The ID or name of the image to create a volume from.
String value expected.
Updates cause replacement.
Value must be of type glance.image
snapshot_id
Optional.
The ID of the snapshot to create a volume from.
String value expected.
Updates cause replacement.
Value must be of type cinder.snapshot
swap_size
Optional.
The size of the swap, in MB.
Integer value expected.
Updates cause replacement.
volume_id
Optional.
The volume_id can be boot or non-boot device to the server.
String value expected.
Updates cause replacement.
Value must be of type cinder.volume
volume_size
Optional.
Size of the block device in GB. If it is omitted, hypervisor driver calculates size.
Integer value expected.
Updates cause replacement.
config_drive
If True, enable config drive on the server.
Boolean value expected.
Updates cause replacement.
deployment_swift_data

Available since 9.0.0 (Pike)

Swift container and object to use for storing deployment data for the server resource. The parameter is a map value with the keys “container” and “object”, and the values are the corresponding container and object names. The software_config_transport parameter must be set to POLL_TEMP_URL for swift to be used. If not specified, and software_config_transport is set to POLL_TEMP_URL, a container will be automatically created from the resource name, and the object name will be a generated uuid.
Map value expected.
Can be updated without replacement.
Defaults to {}
Map properties:
container
Optional.
Name of the container.
String value expected.
Can be updated without replacement.
The length must be at least 1.
object
Optional.
Name of the object.
String value expected.
Can be updated without replacement.
The length must be at least 1.
diskConfig
Control how the disk is partitioned when the server is created.
String value expected.
Updates cause replacement.
Allowed values: “AUTO”, “MANUAL”
flavor_update_policy
Policy on how to apply a flavor update; either by requesting a server resize or by replacing the entire server.
String value expected.
Can be updated without replacement.
Defaults to "RESIZE"
Allowed values: “RESIZE”, “REPLACE”
image
The ID or name of the image to boot with.
String value expected.
Can be updated without replacement.
Value must be of type glance.image
image_update_policy
Policy on how to apply an image-id update; either by requesting a server rebuild or by replacing the entire server.
String value expected.
Can be updated without replacement.
Defaults to "REBUILD"
Allowed values: “REBUILD”, “REPLACE”, “REBUILD_PRESERVE_EPHEMERAL”
key_name
Name of keypair to inject into the server.
String value expected.
Updates cause replacement.
Value must be of type nova.keypair
metadata
Arbitrary key/value metadata to store for this server. Both keys and values must be 255 characters or less. Non-string values will be serialized to JSON (and the serialized string must be 255 characters or less).
Map value expected.
Can be updated without replacement.
Defaults to {}
name
Server name.
String value expected.
Can be updated without replacement.
networks
An ordered list of nics to be added to this server, with information about connected networks, fixed ips, port etc.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
allocate_network

Available since 9.0.0 (Pike)

Optional.
The special string values of network, auto: means either a network that is already available to the project will be used, or if one does not exist, will be automatically created for the project; none: means no networking will be allocated for the created server. Supported by Nova API since version “2.37”. This property can not be used with other network keys.
String value expected.
Can be updated without replacement.
Allowed values: “none”, “auto”
fixed_ip
Optional.
Fixed IP address to specify for the port created on the requested network.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
floating_ip

Available since 6.0.0 (Mitaka)

Optional.
ID of the floating IP to associate.
String value expected.
Can be updated without replacement.
network
Optional.
Name or ID of network to create a port on.
String value expected.
Can be updated without replacement.
Value must be of type neutron.network
port
Optional.
ID of an existing port to associate with this server.
String value expected.
Can be updated without replacement.
Value must be of type neutron.port
port_extra_properties

Available since 6.0.0 (Mitaka)

Dict, which has expand properties for port. Used only if port property is not specified for creating port.
Map value expected.
Can be updated without replacement.
Map properties:
admin_state_up
Optional.
The administrative state of this port.
Boolean value expected.
Can be updated without replacement.
Defaults to true
allowed_address_pairs
Additional MAC/IP address pairs allowed to pass through the port.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
ip_address
Required.
IP address to allow through this port.
String value expected.
Can be updated without replacement.
Value must be of type ip_or_cidr
mac_address
Optional.
MAC address to allow through this port.
String value expected.
Can be updated without replacement.
Value must be of type mac_addr
binding:vnic_type

Available since 2015.1 (Kilo)

Optional.
The vnic type to be bound on the neutron port. To support SR-IOV PCI passthrough networking, you can request that the neutron port to be realized as normal (virtual nic), direct (pci passthrough), or macvtap (virtual interface with a tap-like software interface). Note that this only works for Neutron deployments that support the bindings extension.
String value expected.
Can be updated without replacement.
Defaults to "normal"
Allowed values: “normal”, “direct”, “macvtap”, “direct-physical”, “baremetal”, “virtio-forwarder”, “smart-nic”
mac_address
Optional.
MAC address to give to this port. The default update policy of this property in neutron is that allow admin role only.
String value expected.
Can be updated without replacement.
Value must be of type mac_addr
no_fixed_ips

Available since 16.0.0

Optional.
Flag to disable all fixed ips on the port.
Boolean value expected.
Can be updated without replacement.
Defaults to false
port_security_enabled

Available since 5.0.0 (Liberty)

Optional.
Flag to enable/disable port security on the port. When disable this feature(set it to False), there will be no packages filtering, like security-group and address-pairs.
Boolean value expected.
Can be updated without replacement.
qos_policy

Available since 6.0.0 (Mitaka)

Optional.
The name or ID of QoS policy to attach to this port.
String value expected.
Can be updated without replacement.
Value must be of type neutron.qos_policy
value_specs
Extra parameters to include in the request.
Map value expected.
Can be updated without replacement.
Defaults to {}
subnet

Available since 5.0.0 (Liberty)

Optional.
Subnet in which to allocate the IP address for port. Used for creating port, based on derived properties. If subnet is specified, network property becomes optional.
String value expected.
Can be updated without replacement.
tag

Available since 9.0.0 (Pike)

Optional.
Port tag. Heat ignores any update on this property as nova does not support it.
String value expected.
Can be updated without replacement.
reservation_id
A UUID for the set of servers being requested.
String value expected.
Updates cause replacement.
scheduler_hints
Arbitrary key-value pairs specified by the client to help boot a server.
Map value expected.
Updates cause replacement.
security_groups
List of security group names or IDs. Cannot be used if neutron ports are associated with this server; assign security groups to the ports instead.
List value expected.
Updates cause replacement.
Defaults to []
software_config_transport
How the server should receive the metadata required for software configuration. POLL_SERVER_CFN will allow calls to the cfn API action DescribeStackResource authenticated with the provided keypair. POLL_SERVER_HEAT will allow calls to the Heat API resource-show using the provided keystone credentials. POLL_TEMP_URL will create and populate a Swift TempURL with metadata for polling. ZAQAR_MESSAGE will create a dedicated zaqar queue and post the metadata for polling.
String value expected.
Can be updated without replacement.
Defaults to "POLL_SERVER_CFN"
Allowed values: “POLL_SERVER_CFN”, “POLL_SERVER_HEAT”, “POLL_TEMP_URL”, “ZAQAR_MESSAGE”
tags

Available since 8.0.0 (Ocata)

Server tags. Supported since client version 2.26.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
user_data
User data script to be executed by cloud-init or CoreOS ignition. Changes cause replacement of the resource by default, but can be ignored altogether by setting the `user_data_update_policy` property.
String value expected.
Can be updated without replacement.
Defaults to ""
user_data_format
How the user_data should be formatted for the server. For HEAT_CFNTOOLS, the user_data is bundled as part of the heat-cfntools cloud-init boot configuration data. For RAW the user_data is passed to Nova unmodified. For SOFTWARE_CONFIG user_data is bundled as part of the software config data, and metadata is derived from any associated SoftwareDeployment resources. And if the user_data is in CoreOS ignition(json) format, the metadata will be injected into the user_data automatically by Heat.
String value expected.
Updates cause replacement.
Defaults to "HEAT_CFNTOOLS"
Allowed values: “HEAT_CFNTOOLS”, “RAW”, “SOFTWARE_CONFIG”
user_data_update_policy

Available since 6.0.0 (Mitaka)

Policy on how to apply a user_data update; either by ignoring it or by replacing the entire server.
String value expected.
Can be updated without replacement.
Defaults to "REPLACE"
Allowed values: “REPLACE”, “IGNORE”
personality

DEPRECATED since 12.0.0 (Stein) - This is not supported with nova api microversion 2.57 and above. OS::Nova::Server resource will not support it in the future. Please use user_data or metadata instead. However, you can set heat config option max_nova_api_microversion < 2.57 to use this property in the meantime.

A map of files to create/overwrite on the server upon boot. Keys are file names and values are the file contents.
Map value expected.
Updates cause replacement.
Defaults to {}

Attributes

accessIPv4

DEPRECATED since 14.0.0 (Ussuri)

Available since 2015.1 (Kilo)

The manually assigned alternative public IPv4 address of the server.

accessIPv6

DEPRECATED since 14.0.0 (Ussuri)

Available since 2015.1 (Kilo)

The manually assigned alternative public IPv6 address of the server.

addresses

Available since 11.0.0 (Rocky) - The attribute was extended to include subnets and network with version 11.0.0.

A dict of all network addresses with corresponding port_id and subnets. Each network will have two keys in dict, they are network name and network id. The port ID may be obtained through the following expression: ``{get_attr: [<server>, addresses, <network name_or_id>, 0, port]}``. The subnets may be obtained trough the following expression: ``{get_attr: [<server>, addresses, <network name_or_id>, 0, subnets]}``. The network may be obtained through the following expression: ``{get_attr: [<server>, addresses, <network name_or_id>, 0, network]}``.

console_urls

Available since 2015.1 (Kilo)

URLs of server’s consoles. To get a specific console type, the requested type can be specified as parameter to the get_attr function, e.g. get_attr: [ <server>, console_urls, novnc ]. Currently supported types are novnc, xvpvnc, spice-html5, rdp-html5, serial and webmks.

instance_name

AWS compatible instance name.

name

Name of the server.

networks

A dict of assigned network addresses of the form: {“public”: [ip1, ip2…], “private”: [ip3, ip4], “public_uuid”: [ip1, ip2…], “private_uuid”: [ip3, ip4]}. Each network will have two keys in dict, they are network name and network id.

os_collect_config

Available since 9.0.0 (Pike)

The os-collect-config configuration for the server’s local agent to be configured to connect to Heat to retrieve deployment data.

show

Detailed information about resource.

tags

Available since 8.0.0 (Ocata)

Tags from the server. Supported since client version 2.26.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Nova::Server
    properties:
      admin_pass: String
      availability_zone: String
      block_device_mapping: [{"device_name": String, "volume_id": String, "snapshot_id": String, "volume_size": Integer, "delete_on_termination": Boolean}, {"device_name": String, "volume_id": String, "snapshot_id": String, "volume_size": Integer, "delete_on_termination": Boolean}, ...]
      block_device_mapping_v2: [{"device_name": String, "volume_id": String, "image_id": String, "image": String, "snapshot_id": String, "swap_size": Integer, "ephemeral_size": Integer, "ephemeral_format": String, "device_type": String, "disk_bus": String, "boot_index": Integer, "volume_size": Integer, "delete_on_termination": Boolean}, {"device_name": String, "volume_id": String, "image_id": String, "image": String, "snapshot_id": String, "swap_size": Integer, "ephemeral_size": Integer, "ephemeral_format": String, "device_type": String, "disk_bus": String, "boot_index": Integer, "volume_size": Integer, "delete_on_termination": Boolean}, ...]
      config_drive: Boolean
      deployment_swift_data: {"container": String, "object": String}
      diskConfig: String
      flavor: String
      flavor_update_policy: String
      image: String
      image_update_policy: String
      key_name: String
      metadata: {...}
      name: String
      networks: [{"uuid": String, "network": String, "allocate_network": String, "fixed_ip": String, "port": String, "port_extra_properties": {"value_specs": {...}, "admin_state_up": Boolean, "mac_address": String, "allowed_address_pairs": [{"mac_address": String, "ip_address": String}, {"mac_address": String, "ip_address": String}, ...], "binding:vnic_type": String, "port_security_enabled": Boolean, "qos_policy": String, "propagate_uplink_status": Boolean, "no_fixed_ips": Boolean}, "subnet": String, "floating_ip": String, "tag": String}, {"uuid": String, "network": String, "allocate_network": String, "fixed_ip": String, "port": String, "port_extra_properties": {"value_specs": {...}, "admin_state_up": Boolean, "mac_address": String, "allowed_address_pairs": [{"mac_address": String, "ip_address": String}, {"mac_address": String, "ip_address": String}, ...], "binding:vnic_type": String, "port_security_enabled": Boolean, "qos_policy": String, "propagate_uplink_status": Boolean, "no_fixed_ips": Boolean}, "subnet": String, "floating_ip": String, "tag": String}, ...]
      reservation_id: String
      scheduler_hints: {...}
      security_groups: [Value, Value, ...]
      software_config_transport: String
      tags: [String, String, ...]
      user_data: String
      user_data_format: String
      user_data_update_policy: String

OS::Nova::ServerGroup

Available since 2014.2 (Juno)

A resource for managing a Nova server group.

Server groups allow you to make sure instances (VM/VPS) are on the same hypervisor host or on a different one.

Optional Properties

name
Server Group name.
String value expected.
Updates cause replacement.
policies
A list of string policies to apply. Defaults to anti-affinity.
List value expected.
Updates cause replacement.
Defaults to ["anti-affinity"]
Allowed values: “anti-affinity”, “affinity”, “soft-anti-affinity”, “soft-affinity”
List contents:
Optional.
String value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Nova::ServerGroup
    properties:
      name: String
      policies: [String, String, ...]

OS::Octavia::Flavor

Available since 14.0.0 (Ussuri)

A resource for creating octavia Flavors.

This resource creates and manages octavia Flavors, which allows to tune Load Balancers’ capabilities.

Required Properties

flavor_profile
The ID or the name of the Flavor Profile.
String value expected.
Updates cause replacement.
Value must be of type octavia.flavorprofile

Optional Properties

description
Description of this Flavor.
String value expected.
Can be updated without replacement.
Defaults to ""
enabled
If the resource if available for use.
Boolean value expected.
Can be updated without replacement.
Defaults to true
name
Name of this Flavor.
String value expected.
Can be updated without replacement.

Attributes

flavor_profile_id

The ID of the flavor profile.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::Flavor
    properties:
      description: String
      enabled: Boolean
      flavor_profile: String
      name: String

OS::Octavia::FlavorProfile

Available since 14.0.0 (Ussuri)

A resource for creating octavia Flavor Profiles.

This resource creates and manages octavia Flavor Profiles, which allows to tune Load Balancers’ capabilities.

Required Properties

flavor_data
JSON string containing the flavor metadata.
String value expected.
Can be updated without replacement.

Optional Properties

name
Name of this Flavor Profile.
String value expected.
Can be updated without replacement.
provider_name
Provider name of this Flavor Profile.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::FlavorProfile
    properties:
      flavor_data: String
      name: String
      provider_name: String

OS::Octavia::HealthMonitor

Available since 10.0.0 (Queens)

A resource to handle load balancer health monitors.

This resource creates and manages octavia healthmonitors, which watches status of the load balanced servers.

Required Properties

delay
The minimum time in seconds between regular connections of the member.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
max_retries
Number of permissible connection failures before changing the member status to INACTIVE.
Integer value expected.
Can be updated without replacement.
The value must be in the range 1 to 10.
pool
ID or name of the load balancing pool.
String value expected.
Updates cause replacement.
Value must be of type octavia.pool
timeout
Maximum number of seconds for a monitor to wait for a connection to be established before it times out.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.
type
One of predefined health monitor types.
String value expected.
Updates cause replacement.
Allowed values: “PING”, “TCP”, “HTTP”, “HTTPS”, “UDP-CONNECT”

Optional Properties

admin_state_up
The administrative state of the health monitor.
Boolean value expected.
Can be updated without replacement.
Defaults to true
expected_codes
The HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values: a single value, such as 200. a list, such as 200, 202. a range, such as 200-204.
String value expected.
Can be updated without replacement.
http_method
The HTTP method used for requests by the monitor of type HTTP.
String value expected.
Can be updated without replacement.
Allowed values: “GET”, “HEAD”, “POST”, “PUT”, “DELETE”, “TRACE”, “OPTIONS”, “CONNECT”, “PATCH”
tenant_id
ID of the tenant who owns the health monitor.
String value expected.
Updates cause replacement.
url_path
The HTTP path used in the HTTP request used by the monitor to test a member health. A valid value is a string the begins with a forward slash (/).
String value expected.
Can be updated without replacement.

Attributes

pools

The list of Pools related to this monitor.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::HealthMonitor
    properties:
      admin_state_up: Boolean
      delay: Integer
      expected_codes: String
      http_method: String
      max_retries: Integer
      pool: String
      tenant_id: String
      timeout: Integer
      type: String
      url_path: String

OS::Octavia::L7Policy

Available since 10.0.0 (Queens)

A resource for managing octavia L7Policies.

This resource manages L7Policies, which represent a collection of L7Rules. L7Policy holds the action that should be performed when the rules are matched (Redirect to Pool, Redirect to URL, Reject). L7Policy holds a Listener id, so a Listener can evaluate a collection of L7Policies. L7Policy will return True when all of the L7Rules that belong to this L7Policy are matched. L7Policies under a specific Listener are ordered and the first l7Policy that returns a match will be executed. When none of the policies match the request gets forwarded to listener.default_pool_id.

Required Properties

action
Action type of the policy.
String value expected.
Can be updated without replacement.
Allowed values: “REJECT”, “REDIRECT_TO_POOL”, “REDIRECT_TO_URL”
listener
ID or name of the listener this policy belongs to.
String value expected.
Updates cause replacement.
Value must be of type octavia.listener

Optional Properties

admin_state_up
The administrative state of the policy.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description of the policy.
String value expected.
Can be updated without replacement.
name
Name of the policy.
String value expected.
Can be updated without replacement.
position
L7 policy position in ordered policies list. This must be an integer starting from 1. If not specified, policy will be placed at the tail of existing policies list.
Number value expected.
Can be updated without replacement.
The value must be at least 1.
redirect_pool
ID or name of the pool for REDIRECT_TO_POOL action type.
String value expected.
Can be updated without replacement.
Value must be of type octavia.pool
redirect_url
URL for REDIRECT_TO_URL action type. This should be a valid URL string.
String value expected.
Can be updated without replacement.

Attributes

rules

L7Rules associated with this policy.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::L7Policy
    properties:
      action: String
      admin_state_up: Boolean
      description: String
      listener: String
      name: String
      position: Number
      redirect_pool: String
      redirect_url: String

OS::Octavia::L7Rule

Available since 10.0.0 (Queens)

A resource for managing octavia L7Rules.

This resource manages L7Rules, which represent a set of attributes that defines which part of the request should be matched and how it should be matched.

Required Properties

compare_type
Rule compare type.
String value expected.
Can be updated without replacement.
Allowed values: “REGEX”, “STARTS_WITH”, “ENDS_WITH”, “CONTAINS”, “EQUAL_TO”
l7policy
ID or name of L7 policy this rule belongs to.
String value expected.
Updates cause replacement.
Value must be of type octavia.l7policy
type
Rule type.
String value expected.
Can be updated without replacement.
Allowed values: “HOST_NAME”, “PATH”, “FILE_TYPE”, “HEADER”, “COOKIE”
value
Value to compare.
String value expected.
Can be updated without replacement.

Optional Properties

admin_state_up
The administrative state of the rule.
Boolean value expected.
Can be updated without replacement.
Defaults to true
invert
Invert the compare type.
Boolean value expected.
Can be updated without replacement.
Defaults to false
key
Key to compare. Relevant for HEADER and COOKIE types only.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::L7Rule
    properties:
      admin_state_up: Boolean
      compare_type: String
      invert: Boolean
      key: String
      l7policy: String
      type: String
      value: String

OS::Octavia::Listener

Available since 10.0.0 (Queens)

A resource for managing octavia Listeners.

This resource creates and manages Neutron octavia Listeners, which represent a listening endpoint for the vip.

Required Properties

protocol
Protocol on which to listen for the client traffic.
String value expected.
Updates cause replacement.
Allowed values: “TCP”, “HTTP”, “HTTPS”, “TERMINATED_HTTPS”, “PROXY”, “UDP”
protocol_port
TCP or UDP port on which to listen for client traffic.
Integer value expected.
Updates cause replacement.
The value must be in the range 1 to 65535.

Optional Properties

admin_state_up
The administrative state of this listener.
Boolean value expected.
Can be updated without replacement.
Defaults to true
allowed_cidrs

Available since 14.0.0 (Ussuri)

A list of IPv4, IPv6 or mix of both CIDRs. The default is all allowed. When a list of CIDRs is provided, the default switches to deny all.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
Value must be of type net_cidr
connection_limit
The maximum number of connections permitted for this load balancer. Defaults to -1, which is infinite.
Integer value expected.
Can be updated without replacement.
Defaults to -1
The value must be at least -1.
default_pool
ID or name of the default pool for the listener.
String value expected.
Can be updated without replacement.
Value must be of type octavia.pool
default_tls_container_ref
Default TLS container reference to retrieve TLS information.
String value expected.
Can be updated without replacement.
description
Description of this listener.
String value expected.
Can be updated without replacement.
Defaults to ""
loadbalancer
ID or name of the load balancer with which listener is associated.
String value expected.
Updates cause replacement.
Value must be of type octavia.loadbalancer
name
Name of this listener.
String value expected.
Can be updated without replacement.
sni_container_refs
List of TLS container references for SNI.
List value expected.
Can be updated without replacement.
tenant_id
The ID of the tenant who owns the listener.
String value expected.
Updates cause replacement.

Attributes

default_pool_id

ID of the default pool this listener is associated to.

loadbalancers

ID of the load balancer this listener is associated to.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::Listener
    properties:
      admin_state_up: Boolean
      allowed_cidrs: [String, String, ...]
      connection_limit: Integer
      default_pool: String
      default_tls_container_ref: String
      description: String
      loadbalancer: String
      name: String
      protocol: String
      protocol_port: Integer
      sni_container_refs: [Value, Value, ...]
      tenant_id: String

OS::Octavia::LoadBalancer

Available since 10.0.0 (Queens)

A resource for creating octavia Load Balancers.

This resource creates and manages octavia Load Balancers, which allows traffic to be directed between servers.

Required Properties

vip_subnet
The name or ID of the subnet on which to allocate the VIP address.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet

Optional Properties

admin_state_up
The administrative state of this Load Balancer.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description of this Load Balancer.
String value expected.
Can be updated without replacement.
Defaults to ""
flavor

Available since 14.0.0 (Ussuri)

The name or ID of the flavor of the Load Balancer.
String value expected.
Updates cause replacement.
Value must be of type octavia.flavor
name
Name of this Load Balancer.
String value expected.
Can be updated without replacement.
provider
Provider for this Load Balancer.
String value expected.
Updates cause replacement.
tenant_id
The ID of the tenant who owns the Load Balancer. Only administrative users can specify a tenant ID other than their own.
String value expected.
Updates cause replacement.
Value must be of type keystone.project
vip_address
IP address for the VIP.
String value expected.
Updates cause replacement.
Value must be of type ip_addr

Attributes

flavor_id

The flavor ID of the LoadBalancer.

pools

Pools this LoadBalancer is associated with.

show

Detailed information about resource.

vip_address

The VIP address of the LoadBalancer.

vip_port_id

The VIP port of the LoadBalancer.

vip_subnet_id

The VIP subnet of the LoadBalancer.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::LoadBalancer
    properties:
      admin_state_up: Boolean
      description: String
      flavor: String
      name: String
      provider: String
      tenant_id: String
      vip_address: String
      vip_subnet: String

OS::Octavia::Pool

Available since 10.0.0 (Queens)

A resource for managing Octavia Pools.

This resources manages octavia LBaaS Pools, which represent a group of nodes. Pools define the subnet where nodes reside, balancing algorithm, and the nodes themselves.

Required Properties

lb_algorithm
The algorithm used to distribute load between the members of the pool.
String value expected.
Can be updated without replacement.
Allowed values: “ROUND_ROBIN”, “LEAST_CONNECTIONS”, “SOURCE_IP”, “SOURCE_IP_PORT”
protocol
Protocol of the pool.
String value expected.
Updates cause replacement.
Allowed values: “TCP”, “HTTP”, “HTTPS”, “TERMINATED_HTTPS”, “PROXY”, “UDP”

Optional Properties

admin_state_up
The administrative state of this pool.
Boolean value expected.
Can be updated without replacement.
Defaults to true
description
Description of this pool.
String value expected.
Can be updated without replacement.
Defaults to ""
listener
Listener name or ID to be associated with this pool.
String value expected.
Updates cause replacement.
Value must be of type octavia.listener
loadbalancer
Loadbalancer name or ID to be associated with this pool.
String value expected.
Updates cause replacement.
Value must be of type octavia.loadbalancer
name
Name of this pool.
String value expected.
Can be updated without replacement.
session_persistence
Configuration of session persistence.
Map value expected.
Updates cause replacement.
Map properties:
type
Required.
Method of implementation of session persistence feature.
String value expected.
Updates cause replacement.
Allowed values: “SOURCE_IP”, “HTTP_COOKIE”, “APP_COOKIE”
tls_enabled

Available since 14.0.0 (Ussuri)

Enable backend member re-encryption.
Boolean value expected.
Can be updated without replacement.
Defaults to false

Attributes

healthmonitor_id

ID of the health monitor associated with this pool.

listeners

Listener associated with this pool.

members

Members associated with this pool.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::Pool
    properties:
      admin_state_up: Boolean
      description: String
      lb_algorithm: String
      listener: String
      loadbalancer: String
      name: String
      protocol: String
      session_persistence: {"type": String, "cookie_name": String}
      tls_enabled: Boolean

OS::Octavia::PoolMember

Available since 10.0.0 (Queens)

A resource for managing Octavia Pool Members.

A pool member represents a single backend node.

Required Properties

address
IP address of the pool member on the pool network.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
pool
Name or ID of the load balancing pool.
String value expected.
Updates cause replacement.
Value must be of type octavia.pool
protocol_port
Port on which the pool member listens for requests or connections.
Integer value expected.
Updates cause replacement.
The value must be in the range 1 to 65535.

Optional Properties

admin_state_up
The administrative state of the pool member.
Boolean value expected.
Can be updated without replacement.
Defaults to true
monitor_address
Alternate IP address which health monitor can use for health check.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
monitor_port
Alternate Port which health monitor can use for health check.
Integer value expected.
Updates cause replacement.
The value must be in the range 1 to 65535.
subnet
Subnet name or ID of this member.
String value expected.
Updates cause replacement.
Value must be of type neutron.subnet
tags

Available since 13.0.0 (Train)

A list of simple strings assigned to the member. The property is supported with Stein Octavia or newer version.
List value expected.
Can be updated without replacement.
weight
Weight of pool member in the pool (default to 1).
Integer value expected.
Can be updated without replacement.
Defaults to 1
The value must be in the range 0 to 256.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::PoolMember
    properties:
      address: String
      admin_state_up: Boolean
      monitor_address: String
      monitor_port: Integer
      pool: String
      protocol_port: Integer
      subnet: String
      tags: [Value, Value, ...]
      weight: Integer

OS::Octavia::Quota

Available since 14.0.0 (Ussuri)

A resource for creating Octavia quotas.

Ocatavia Quota is used to manage operational limits for Octavia. Currently, this resource can manage Octavia’s quotas for:

  • healthmonitor

  • listener

  • loadbalancer

  • pool

  • member

Note that default octavia security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Octavia Quota resource per project, otherwise it will be hard for them to manage the quota properly.

Required Properties

project
Name or id of the project to set the quota for.
String value expected.
Updates cause replacement.
Value must be of type keystone.project

Optional Properties

healthmonitor
Quota for the number of healthmonitors. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
listener
Quota for the number of listeners. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
loadbalancer
Quota for the number of load balancers. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
member
Quota for the number of m. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.
pool
Quota for the number of pools. Setting the value to -1 removes the limit.
Integer value expected.
Can be updated without replacement.
The value must be at least -1.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Octavia::Quota
    properties:
      healthmonitor: Integer
      listener: Integer
      loadbalancer: Integer
      member: Integer
      pool: Integer
      project: String

OS::Sahara::Cluster

A resource for managing Sahara clusters.

The Cluster entity represents a collection of VM instances that all have the same data processing framework installed. It is mainly characterized by a VM image with a pre-installed framework which will be used for cluster deployment. Users may choose one of the pre-configured Cluster Templates to start a Cluster. To get access to VMs after a Cluster has started, the user should specify a keypair.

Required Properties

cluster_template_id
ID of the Cluster Template used for Node Groups and configurations.
String value expected.
Updates cause replacement.
Value must be of type sahara.cluster_template
hadoop_version
Version of Hadoop running on instances.
String value expected.
Updates cause replacement.
neutron_management_network
Name or UUID of network.
String value expected.
Updates cause replacement.
Value must be of type neutron.network
plugin_name
Plugin name.
String value expected.
Updates cause replacement.
Value must be of type sahara.plugin

Optional Properties

default_image_id

Available since 2015.1 (Kilo)

Default name or UUID of the image used to boot Hadoop nodes.
String value expected.
Updates cause replacement.
Value must be of type sahara.image
key_name
Keypair added to instances to make them accessible for user.
String value expected.
Updates cause replacement.
Value must be of type nova.keypair
name
Hadoop cluster name.
String value expected.
Updates cause replacement.
The length must be in the range 1 to 80.
Value must match pattern: ^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])$
shares

Available since 6.0.0 (Mitaka)

List of manila shares to be mounted.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
access_level
Optional.
Governs permissions set in manila for the cluster ips.
String value expected.
Updates cause replacement.
Defaults to "rw"
Allowed values: “rw”, “ro”
id
Required.
Id of the manila share.
String value expected.
Updates cause replacement.
path
Optional.
Local path on each cluster node on which to mount the share. Defaults to ‘/mnt/{share_id}’.
String value expected.
Updates cause replacement.
use_autoconfig

Available since 5.0.0 (Liberty)

Configure most important configs automatically.
Boolean value expected.
Updates cause replacement.

Attributes

info

Cluster information.

show

Detailed information about resource.

status

Cluster status.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::Cluster
    properties:
      cluster_template_id: String
      default_image_id: String
      hadoop_version: String
      key_name: String
      name: String
      neutron_management_network: String
      plugin_name: String
      shares: [{"id": String, "path": String, "access_level": String}, {"id": String, "path": String, "access_level": String}, ...]
      use_autoconfig: Boolean

OS::Sahara::ClusterTemplate

Available since 2014.2 (Juno)

A resource for managing Sahara cluster templates.

A Cluster Template is designed to bring Node Group Templates together to form a Cluster. A Cluster Template defines what Node Groups will be included and how many instances will be created in each. Some data processing framework configurations can not be applied to a single node, but to a whole Cluster. A user can specify these kinds of configurations in a Cluster Template. Sahara enables users to specify which processes should be added to an anti-affinity group within a Cluster Template. If a process is included into an anti-affinity group, it means that VMs where this process is going to be launched should be scheduled to different hardware hosts.

Required Properties

hadoop_version
Version of Hadoop running on instances.
String value expected.
Can be updated without replacement.
plugin_name
Plugin name.
String value expected.
Can be updated without replacement.
Value must be of type sahara.plugin

Optional Properties

anti_affinity
List of processes to enable anti-affinity for.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
cluster_configs
Cluster configs dictionary.
Map value expected.
Can be updated without replacement.
default_image_id
ID of the default image to use for the template.
String value expected.
Can be updated without replacement.
Value must be of type sahara.image
description
Description of the Sahara Group Template.
String value expected.
Can be updated without replacement.
Defaults to ""
name
Name for the Sahara Cluster Template.
String value expected.
Can be updated without replacement.
The length must be in the range 1 to 50.
Value must match pattern: ^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])$
neutron_management_network
Name or UUID of network.
String value expected.
Can be updated without replacement.
Value must be of type neutron.network
node_groups
Node groups.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
count
Required.
Number of instances in the Node group.
Integer value expected.
Can be updated without replacement.
The value must be at least 1.
name
Required.
Name of the Node group.
String value expected.
Can be updated without replacement.
node_group_template_id
Required.
ID of the Node Group Template.
String value expected.
Can be updated without replacement.
shares

Available since 6.0.0 (Mitaka)

List of manila shares to be mounted.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
access_level
Optional.
Governs permissions set in manila for the cluster ips.
String value expected.
Can be updated without replacement.
Defaults to "rw"
Allowed values: “rw”, “ro”
id
Required.
Id of the manila share.
String value expected.
Can be updated without replacement.
path
Optional.
Local path on each cluster node on which to mount the share. Defaults to ‘/mnt/{share_id}’.
String value expected.
Can be updated without replacement.
use_autoconfig

Available since 5.0.0 (Liberty)

Configure most important configs automatically.
Boolean value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::ClusterTemplate
    properties:
      anti_affinity: [String, String, ...]
      cluster_configs: {...}
      default_image_id: String
      description: String
      hadoop_version: String
      name: String
      neutron_management_network: String
      node_groups: [{"name": String, "count": Integer, "node_group_template_id": String}, {"name": String, "count": Integer, "node_group_template_id": String}, ...]
      plugin_name: String
      shares: [{"id": String, "path": String, "access_level": String}, {"id": String, "path": String, "access_level": String}, ...]
      use_autoconfig: Boolean

OS::Sahara::DataSource

Available since 5.0.0 (Liberty)

A resource for creating sahara data source.

A data source stores an URL which designates the location of input or output data and any credentials needed to access the location.

Required Properties

type
Type of the data source.
String value expected.
Can be updated without replacement.
Allowed values: “swift”, “hdfs”, “maprfs”, “manila”
url
URL for the data source.
String value expected.
Can be updated without replacement.

Optional Properties

credentials
Credentials used for swift. Not required if sahara is configured to use proxy users and delegated trusts for access.
Map value expected.
Can be updated without replacement.
Map properties:
password
Required.
Password for accessing the data source URL.
String value expected.
Can be updated without replacement.
user
Required.
Username for accessing the data source URL.
String value expected.
Can be updated without replacement.
description
Description of the data source.
String value expected.
Can be updated without replacement.
Defaults to ""
name
Name of the data source.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::DataSource
    properties:
      credentials: {"user": String, "password": String}
      description: String
      name: String
      type: String
      url: String

OS::Sahara::ImageRegistry

Available since 6.0.0 (Mitaka)

A resource for registering an image in sahara.

Allows to register an image in the sahara image registry and add tags.

Required Properties

image
ID or name of the image to register.
String value expected.
Updates cause replacement.
Value must be of type glance.image
username
Username of privileged user in the image.
String value expected.
Can be updated without replacement.

Optional Properties

description
Description of the image.
String value expected.
Can be updated without replacement.
Defaults to ""
tags
Tags to add to the image.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::ImageRegistry
    properties:
      description: String
      image: String
      tags: [String, String, ...]
      username: String

OS::Sahara::Job

Available since 8.0.0 (Ocata)

A resource for creating Sahara Job.

A job specifies the type of the job and lists all of the individual job binary objects. Can be launched using resource-signal.

Required Properties

type
Type of the job.
String value expected.
Updates cause replacement.
Value must be of type sahara.job_type

Optional Properties

default_execution_data
Default execution data to use when run signal.
Map value expected.
Can be updated without replacement.
Map properties:
args
Arguments to add to the job.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Optional.
String value expected.
Can be updated without replacement.
cluster
Required.
ID or name of the cluster to run the job in.
String value expected.
Can be updated without replacement.
Value must be of type sahara.cluster
configs
Config parameters to add to the job.
Map value expected.
Can be updated without replacement.
Defaults to {}
input
Optional.
ID or name of the input data source.
String value expected.
Can be updated without replacement.
Value must be of type sahara.data_source
interface
Interface arguments to add to the job.
Map value expected.
Can be updated without replacement.
Defaults to {}
is_public
Optional.
If True, execution will be shared across the tenants.
Boolean value expected.
Can be updated without replacement.
Defaults to false
output
Optional.
ID or name of the output data source.
String value expected.
Can be updated without replacement.
Value must be of type sahara.data_source
params
Parameters to add to the job.
Map value expected.
Can be updated without replacement.
Defaults to {}
description
Description of the job.
String value expected.
Can be updated without replacement.
is_protected
If True, job will be protected from modifications and can not be deleted until this property is set to False.
Boolean value expected.
Can be updated without replacement.
Defaults to false
is_public
If True, job will be shared across the tenants.
Boolean value expected.
Can be updated without replacement.
Defaults to false
libs
IDs or names of job’s lib job binaries.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Optional.
String value expected.
Updates cause replacement.
Value must be of type sahara.job_binary
mains
IDs or names of job’s main job binary. In case of specific Sahara service, this property designed as a list, but accepts only one item.
List value expected.
Updates cause replacement.
Defaults to []
The length must be no greater than 1.
List contents:
Optional.
ID of job’s main job binary.
String value expected.
Updates cause replacement.
Value must be of type sahara.job_binary
name
Name of the job.
String value expected.
Can be updated without replacement.
The length must be in the range 1 to 50.
Value must match pattern: ^[a-zA-Z0-9][a-zA-Z0-9-_.]*$

Attributes

default_execution_url

A signed url to create execution specified in default_execution_data property.

executions

List of the job executions.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::Job
    properties:
      default_execution_data: {"cluster": String, "input": String, "output": String, "configs": {...}, "params": {...}, "args": [String, String, ...], "is_public": Boolean, "interface": {...}}
      description: String
      is_protected: Boolean
      is_public: Boolean
      libs: [String, String, ...]
      mains: [String, String, ...]
      name: String
      type: String

OS::Sahara::JobBinary

Available since 5.0.0 (Liberty)

A resource for creating sahara job binary.

A job binary stores an URL to a single script or Jar file and any credentials needed to retrieve the file.

Required Properties

url
URL for the job binary. Must be in the format swift://<container>/<path> or internal-db://<uuid>.
String value expected.
Can be updated without replacement.

Optional Properties

credentials
Credentials used for swift. Not required if sahara is configured to use proxy users and delegated trusts for access.
Map value expected.
Can be updated without replacement.
Map properties:
password
Required.
Password for accessing the job binary URL.
String value expected.
Can be updated without replacement.
user
Required.
Username for accessing the job binary URL.
String value expected.
Can be updated without replacement.
description
Description of the job binary.
String value expected.
Can be updated without replacement.
Defaults to ""
name
Name of the job binary.
String value expected.
Can be updated without replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::JobBinary
    properties:
      credentials: {"user": String, "password": String}
      description: String
      name: String
      url: String

OS::Sahara::NodeGroupTemplate

Available since 2014.2 (Juno)

A resource for managing Sahara node group templates.

A Node Group Template describes a group of nodes within cluster. It contains a list of hadoop processes that will be launched on each instance in a group. Also a Node Group Template may provide node scoped configurations for those processes.

Required Properties

flavor
Name or ID Nova flavor for the nodes.
String value expected.
Can be updated without replacement.
Value must be of type nova.flavor
hadoop_version
Version of Hadoop running on instances.
String value expected.
Can be updated without replacement.
node_processes
List of processes to run on every node.
List value expected.
Can be updated without replacement.
The length must be at least 1.
List contents:
Optional.
String value expected.
Can be updated without replacement.
plugin_name
Plugin name.
String value expected.
Can be updated without replacement.
Value must be of type sahara.plugin

Optional Properties

auto_security_group
Defines whether auto-assign security group to this Node Group template.
Boolean value expected.
Can be updated without replacement.
availability_zone
Availability zone to create servers in.
String value expected.
Can be updated without replacement.
description
Description of the Node Group Template.
String value expected.
Can be updated without replacement.
Defaults to ""
floating_ip_pool
Name or UUID of the Neutron floating IP network or name of the Nova floating ip pool to use. Should not be provided when used with Nova-network that auto-assign floating IPs.
String value expected.
Can be updated without replacement.
image_id
ID of the image to use for the template.
String value expected.
Can be updated without replacement.
Value must be of type sahara.image
is_proxy_gateway

Available since 5.0.0 (Liberty)

Provide access to nodes using other nodes of the cluster as proxy gateways.
Boolean value expected.
Can be updated without replacement.
name
Name for the Sahara Node Group Template.
String value expected.
Can be updated without replacement.
The length must be in the range 1 to 50.
Value must match pattern: ^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])$
node_configs
Dictionary of node configurations.
Map value expected.
Can be updated without replacement.
security_groups
List of security group names or IDs to assign to this Node Group template.
List value expected.
Can be updated without replacement.
List contents:
Optional.
String value expected.
Can be updated without replacement.
shares

Available since 6.0.0 (Mitaka)

List of manila shares to be mounted.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
access_level
Optional.
Governs permissions set in manila for the cluster ips.
String value expected.
Can be updated without replacement.
Defaults to "rw"
Allowed values: “rw”, “ro”
id
Required.
Id of the manila share.
String value expected.
Can be updated without replacement.
path
Optional.
Local path on each cluster node on which to mount the share. Defaults to ‘/mnt/{share_id}’.
String value expected.
Can be updated without replacement.
use_autoconfig

Available since 5.0.0 (Liberty)

Configure most important configs automatically.
Boolean value expected.
Can be updated without replacement.
volume_local_to_instance

Available since 5.0.0 (Liberty)

Create volumes on the same physical port as an instance.
Boolean value expected.
Can be updated without replacement.
volume_type
Type of the volume to create on Cinder backend.
String value expected.
Can be updated without replacement.
Value must be of type cinder.vtype
volumes_availability_zone
Availability zone to create volumes in.
String value expected.
Can be updated without replacement.
volumes_per_node
Volumes per node.
Integer value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.
volumes_size
Size of the volumes, in GB.
Integer value expected.
Can be updated without replacement.
The value must be at least 1.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Sahara::NodeGroupTemplate
    properties:
      auto_security_group: Boolean
      availability_zone: String
      description: String
      flavor: String
      floating_ip_pool: String
      hadoop_version: String
      image_id: String
      is_proxy_gateway: Boolean
      name: String
      node_configs: {...}
      node_processes: [String, String, ...]
      plugin_name: String
      security_groups: [String, String, ...]
      shares: [{"id": String, "path": String, "access_level": String}, {"id": String, "path": String, "access_level": String}, ...]
      use_autoconfig: Boolean
      volume_local_to_instance: Boolean
      volume_type: String
      volumes_availability_zone: String
      volumes_per_node: Integer
      volumes_size: Integer

OS::Senlin::Cluster

Available since 6.0.0 (Mitaka)

A resource that creates a Senlin Cluster.

Cluster resource in senlin can create and manage objects of the same nature, e.g. Nova servers, Heat stacks, Cinder volumes, etc. The collection of these objects is referred to as a cluster.

Required Properties

profile
The name or id of the Senlin profile.
String value expected.
Can be updated without replacement.
Value must be of type senlin.profile

Optional Properties

desired_capacity
Desired initial number of resources in cluster.
Integer value expected.
Can be updated without replacement.
Defaults to 0
max_size
Maximum number of resources in the cluster. -1 means unlimited.
Integer value expected.
Can be updated without replacement.
Defaults to -1
The value must be at least -1.
metadata
Metadata key-values defined for cluster.
Map value expected.
Can be updated without replacement.
Defaults to {}
min_size
Minimum number of resources in the cluster.
Integer value expected.
Can be updated without replacement.
Defaults to 0
The value must be at least 0.
name
Name of the cluster. By default, physical resource name is used.
String value expected.
Can be updated without replacement.
policies

Available since 8.0.0 (Ocata)

A list of policies to attach to this cluster.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
enabled
Optional.
Whether enable this policy on this cluster.
Boolean value expected.
Can be updated without replacement.
Defaults to true
policy
Required.
The name or ID of the policy.
String value expected.
Can be updated without replacement.
Value must be of type senlin.policy
timeout
The number of seconds to wait for the cluster actions.
Integer value expected.
Can be updated without replacement.
The value must be at least 0.

Attributes

collect

Available since 8.0.0 (Ocata)

Attributes collected from cluster. According to the jsonpath following this attribute, it will return a list of attributes collected from the nodes of this cluster.

desired_capacity

Desired capacity of the cluster.

max_size

Max size of the cluster.

metadata

Cluster metadata.

min_size

Min size of the cluster.

name

Cluster name.

nodes

Nodes list in the cluster.

policies

Available since 8.0.0 (Ocata)

Policies attached to the cluster.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Senlin::Cluster
    properties:
      desired_capacity: Integer
      max_size: Integer
      metadata: {...}
      min_size: Integer
      name: String
      policies: [{"policy": String, "enabled": Boolean}, {"policy": String, "enabled": Boolean}, ...]
      profile: String
      timeout: Integer

OS::Senlin::Node

Available since 6.0.0 (Mitaka)

A resource that creates a Senlin Node.

Node is an object that belongs to at most one Cluster, it can be created based on a profile.

Required Properties

profile
Name or ID of senlin profile to create this node.
String value expected.
Can be updated without replacement.
Value must be of type senlin.profile

Optional Properties

cluster

Available since 8.0.0 (Ocata)

The name of senlin cluster to attach to.
String value expected.
Can be updated without replacement.
Value must be of type senlin.cluster
metadata
Metadata key-values defined for node.
Map value expected.
Can be updated without replacement.
name
Name of the senlin node. By default, physical resource name is used.
String value expected.
Can be updated without replacement.

Attributes

cluster_id

The cluster ID this node belongs to.

details

The details of physical object.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Senlin::Node
    properties:
      cluster: String
      metadata: {...}
      name: String
      profile: String

OS::Senlin::Policy

Available since 6.0.0 (Mitaka)

A resource that creates a Senlin Policy.

A policy is a set of rules that can be checked and/or enforced when an action is performed on a Cluster.

Required Properties

type
The type of senlin policy.
String value expected.
Updates cause replacement.
Value must be of type senlin.policy_type

Optional Properties

bindings
A list of clusters to which this policy is attached.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
cluster
Required.
The name or ID of target cluster.
String value expected.
Can be updated without replacement.
Value must be of type senlin.cluster
enabled
Optional.
Whether enable this policy on that cluster.
Boolean value expected.
Can be updated without replacement.
Defaults to true
name
Name of the senlin policy. By default, physical resource name is used.
String value expected.
Can be updated without replacement.
properties
Properties of this policy.
Map value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Senlin::Policy
    properties:
      bindings: [{"cluster": String, "enabled": Boolean}, {"cluster": String, "enabled": Boolean}, ...]
      name: String
      properties: {...}
      type: String

OS::Senlin::Profile

Available since 6.0.0 (Mitaka)

A resource that creates a Senlin Profile.

Profile resource in senlin is a template describing how to create nodes in cluster.

Required Properties

type
The type of profile.
String value expected.
Updates cause replacement.
Value must be of type senlin.profile_type

Optional Properties

metadata
Metadata key-values defined for profile.
Map value expected.
Can be updated without replacement.
name
Name of the senlin profile. By default, physical resource name is used.
String value expected.
Can be updated without replacement.
properties
Properties for profile.
Map value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Senlin::Profile
    properties:
      metadata: {...}
      name: String
      properties: {...}
      type: String

OS::Senlin::Receiver

Available since 6.0.0 (Mitaka)

A resource that creates Senlin Receiver.

Receiver is an abstract resource created at the senlin engine that can be used to hook the engine to some external event/alarm sources.

Required Properties

action
The action to be executed when the receiver is signaled.
String value expected.
Updates cause replacement.
Allowed values: “CLUSTER_SCALE_OUT”, “CLUSTER_SCALE_IN”
cluster
Name or ID of target cluster.
String value expected.
Updates cause replacement.
Value must be of type senlin.cluster

Optional Properties

name
Name of the senlin receiver. By default, physical resource name is used.
String value expected.
Updates cause replacement.
params
The parameters passed to action when the receiver is signaled.
Map value expected.
Updates cause replacement.
type
Type of receiver.
String value expected.
Updates cause replacement.
Defaults to "webhook"
Allowed values: “webhook”

Attributes

channel

The channel for receiving signals.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Senlin::Receiver
    properties:
      action: String
      cluster: String
      name: String
      params: {...}
      type: String

OS::Swift::Container

A resource for managing Swift containers.

A container defines a namespace for objects. An object with the same name in two different containers represents two different objects.

Optional Properties

PurgeOnDelete

Available since 2015.1 (Kilo)

If True, delete any objects in the container when the container is deleted. Otherwise, deleting a non-empty container will result in an error.
Boolean value expected.
Updates cause replacement.
Defaults to false
X-Account-Meta
A map of user-defined meta data to associate with the account. Each key in the map will set the header X-Account-Meta-{key} with the corresponding value.
Map value expected.
Updates cause replacement.
Defaults to {}
X-Container-Meta
A map of user-defined meta data to associate with the container. Each key in the map will set the header X-Container-Meta-{key} with the corresponding value.
Map value expected.
Updates cause replacement.
Defaults to {}
X-Container-Read
Specify the ACL permissions on who can read objects in the container.
String value expected.
Updates cause replacement.
X-Container-Write
Specify the ACL permissions on who can write objects to the container.
String value expected.
Updates cause replacement.
name
Name for the container. If not specified, a unique name will be generated.
String value expected.
Updates cause replacement.

Attributes

BytesUsed

The number of bytes stored in the container.

DomainName

The host from the container URL.

HeadContainer

A map containing all headers for the container.

ObjectCount

The number of objects stored in the container.

RootURL

The parent URL of the container.

WebsiteURL

The URL of the container.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Swift::Container
    properties:
      PurgeOnDelete: Boolean
      X-Account-Meta: {...}
      X-Container-Meta: {...}
      X-Container-Read: String
      X-Container-Write: String
      name: String

OS::Trove::Cluster

Available since 2015.1 (Kilo)

A resource for managing Trove clusters.

A Cluster is an opaque cluster used to store Database clusters.

Required Properties

datastore_type
Name of registered datastore type.
String value expected.
Updates cause replacement.
The length must be no greater than 255.
datastore_version
Name of the registered datastore version. It must exist for provided datastore type. Defaults to using single active version. If several active versions exist for provided datastore type, explicit value for this parameter must be specified.
String value expected.
Updates cause replacement.
The length must be no greater than 255.
instances
List of database instances.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
availability_zone

Available since 14.0.0 (Ussuri)

Optional.
Name of the availability zone for DB instance.
String value expected.
Updates cause replacement.
flavor
Required.
Flavor of the instance.
String value expected.
Updates cause replacement.
Value must be of type trove.flavor
networks

Available since 10.0.0 (Queens)

List of network interfaces to create on instance.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
fixed_ip
Optional.
Fixed IPv4 address for this NIC.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
network
Optional.
Name or UUID of the network to attach this NIC to. Either port or network must be specified.
String value expected.
Updates cause replacement.
Value must be of type neutron.network
port
Optional.
Name or UUID of Neutron port to attach this NIC to. Either port or network must be specified.
String value expected.
Updates cause replacement.
Value must be of type neutron.port
volume_size
Required.
Size of the instance disk volume in GB.
Integer value expected.
Updates cause replacement.
The value must be in the range 1 to 150.

Optional Properties

name
Name of the cluster to create.
String value expected.
Updates cause replacement.
The length must be no greater than 255.

Attributes

instances

A list of instances ids.

ip

A list of cluster instance IPs.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Trove::Cluster
    properties:
      datastore_type: String
      datastore_version: String
      instances: [{"flavor": String, "volume_size": Integer, "networks": [{"network": String, "port": String, "fixed_ip": String}, {"network": String, "port": String, "fixed_ip": String}, ...], "availability_zone": String}, {"flavor": String, "volume_size": Integer, "networks": [{"network": String, "port": String, "fixed_ip": String}, {"network": String, "port": String, "fixed_ip": String}, ...], "availability_zone": String}, ...]
      name: String

OS::Trove::Instance

Available since 2014.1 (Icehouse)

OpenStack cloud database instance resource.

Trove is Database as a Service for OpenStack. It’s designed to run entirely on OpenStack, with the goal of allowing users to quickly and easily utilize the features of a relational or non-relational database without the burden of handling complex administrative tasks.

Required Properties

flavor
Reference to a flavor for creating DB instance.
String value expected.
Can be updated without replacement.
Value must be of type trove.flavor
size
Database volume size in GB.
Integer value expected.
Can be updated without replacement.
The value must be in the range 1 to 150.

Optional Properties

availability_zone
Name of the availability zone for DB instance.
String value expected.
Updates cause replacement.
databases
List of databases to be created on DB instance creation.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
character_set
Optional.
Set of symbols and encodings.
String value expected.
Can be updated without replacement.
Defaults to "utf8"
collate
Optional.
Set of rules for comparing characters in a character set.
String value expected.
Can be updated without replacement.
Defaults to "utf8_general_ci"
name
Required.
Specifies database names for creating databases on instance creation.
String value expected.
Can be updated without replacement.
The length must be no greater than 64.
Value must match pattern: [a-zA-Z0-9_-]+[a-zA-Z0-9_@?#\s-]*[a-zA-Z0-9_-]+
datastore_type
Name of registered datastore type.
String value expected.
Updates cause replacement.
The length must be no greater than 255.
datastore_version
Name of the registered datastore version. It must exist for provided datastore type. Defaults to using single active version. If several active versions exist for provided datastore type, explicit value for this parameter must be specified.
String value expected.
Updates cause replacement.
The length must be no greater than 255.
name
Name of the DB instance to create.
String value expected.
Can be updated without replacement.
The length must be no greater than 255.
networks
List of network interfaces to create on instance.
List value expected.
Updates cause replacement.
Defaults to []
List contents:
Map value expected.
Updates cause replacement.
Map properties:
fixed_ip
Optional.
Fixed IPv4 address for this NIC.
String value expected.
Updates cause replacement.
Value must be of type ip_addr
network
Optional.
Name or UUID of the network to attach this NIC to. Either port or network must be specified.
String value expected.
Updates cause replacement.
Value must be of type neutron.network
port
Optional.
Name or UUID of Neutron port to attach this NIC to. Either port or network must be specified.
String value expected.
Updates cause replacement.
Value must be of type neutron.port
replica_count

Available since 5.0.0 (Liberty)

The number of replicas to be created.
Integer value expected.
Updates cause replacement.
replica_of

Available since 5.0.0 (Liberty)

Identifier of the source instance to replicate.
String value expected.
Updates cause replacement.
restore_point
DB instance restore point.
String value expected.
Updates cause replacement.
users
List of users to be created on DB instance creation.
List value expected.
Can be updated without replacement.
Defaults to []
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
databases
Names of databases that those users can access on instance creation.
List value expected.
Can be updated without replacement.
The length must be at least 1.
List contents:
Optional.
String value expected.
Can be updated without replacement.
host
Optional.
The host from which a user is allowed to connect to the database.
String value expected.
Can be updated without replacement.
Defaults to "%"
name
Required.
User name to create a user on instance creation.
String value expected.
Can be updated without replacement.
The length must be no greater than 16.
Value must match pattern: [a-zA-Z0-9_]+[a-zA-Z0-9_@?#\s]*[a-zA-Z0-9_]+
password
Required.
Password for those users on instance creation.
String value expected.
Can be updated without replacement.
Value must match pattern: [a-zA-Z0-9_]+[a-zA-Z0-9_@?#\s]*[a-zA-Z0-9_]+

Attributes

hostname

Hostname of the instance.

href

Api endpoint reference of the instance.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Trove::Instance
    properties:
      availability_zone: String
      databases: [{"character_set": String, "collate": String, "name": String}, {"character_set": String, "collate": String, "name": String}, ...]
      datastore_type: String
      datastore_version: String
      flavor: String
      name: String
      networks: [{"network": String, "port": String, "fixed_ip": String}, {"network": String, "port": String, "fixed_ip": String}, ...]
      replica_count: Integer
      replica_of: String
      restore_point: String
      size: Integer
      users: [{"name": String, "password": String, "host": String, "databases": [String, String, ...]}, {"name": String, "password": String, "host": String, "databases": [String, String, ...]}, ...]

OS::Vitrage::Template

Available since 16.0.0

A resource for managing Vitrage templates.

A Vitrage template defines conditions and actions, based on the Vitrage topology graph. For example, if there is an “instance down” alarm on an instance, then execute a Mistral healing workflow.

The VitrageTemplate resource generates and adds to Vitrage a template based on the input parameters.

Required Properties

template_file
Path of the Vitrage template to use.
String value expected.
Updates cause replacement.
template_params
Input parameters for the Vitrage template.
Map value expected.
Updates cause replacement.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Vitrage::Template
    properties:
      template_file: String
      template_params: {...}

OS::Zaqar::MistralTrigger

Available since 8.0.0 (Ocata)

A Zaqar subscription for triggering Mistral workflows.

This Zaqar subscription type listens for messages in a queue and triggers a Mistral workflow execution each time one is received.

The content of the Zaqar message is passed to the workflow in the environment with the name “notification”, and thus is accessible from within the workflow as:

<% env().notification %>

Other environment variables can be set using the ‘env’ key in the params property.

Required Properties

queue_name
Name of the queue to subscribe to.
String value expected.
Updates cause replacement.
Value must be of type zaqar.queue
workflow_id
UUID of the Mistral workflow to trigger.
String value expected.
Can be updated without replacement.
Value must be of type mistral.workflow

Optional Properties

input
Input values to pass to the Mistral workflow.
Map value expected.
Can be updated without replacement.
Defaults to {}
params
Parameters to pass to the Mistral workflow execution. The parameters depend on the workflow type.
Map value expected.
Can be updated without replacement.
Defaults to {}
ttl
Time to live of the subscription in seconds.
Integer value expected.
Can be updated without replacement.
Defaults to 220367260800
The value must be at least 60.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Zaqar::MistralTrigger
    properties:
      input: {...}
      params: {...}
      queue_name: String
      ttl: Integer
      workflow_id: String

OS::Zaqar::Queue

Available since 2014.2 (Juno)

A resource for managing Zaqar queues.

Queue is a logical entity that groups messages. Ideally a queue is created per work type. For example, if you want to compress files, you would create a queue dedicated for this job. Any application that reads from this queue would only compress files.

Optional Properties

metadata
Arbitrary key/value metadata to store contextual information about this queue.
Map value expected.
Can be updated without replacement.
name
Name of the queue instance to create.
String value expected.
Updates cause replacement.
The length must be no greater than 64.

Attributes

href

The resource href of the queue.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Zaqar::Queue
    properties:
      metadata: {...}
      name: String

OS::Zaqar::SignedQueueURL

Available since 8.0.0 (Ocata)

A resource for managing signed URLs of Zaqar queues.

Signed URLs allow to give specific access to queues, for example to be used as alarm notifications. To supply a signed queue URL to Aodh as an action URL, pass “zaqar://?” followed by the query_str attribute of the signed queue URL resource.

Required Properties

queue
Name of the queue instance to create a URL for.
String value expected.
Updates cause replacement.

Optional Properties

methods
List of allowed HTTP methods to be used. Default to allow GET.
List value expected.
Updates cause replacement.
List contents:
Optional.
String value expected.
Updates cause replacement.
Allowed values: “GET”, “DELETE”, “PATCH”, “POST”, “PUT”
paths
List of allowed paths to be accessed. Default to allow queue messages URL.
List value expected.
Updates cause replacement.
ttl
Time validity of the URL, in seconds. Default to one day.
Integer value expected.
Updates cause replacement.

Attributes

expires

Expiration date of the URL.

methods

Comma-delimited list of methods for convenience.

paths

Comma-delimited list of paths for convenience.

project

The ID of the Keystone project containing the queue.

query_str

An HTTP URI query fragment.

show

Detailed information about resource.

signature

Signature of the URL built by Zaqar.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Zaqar::SignedQueueURL
    properties:
      methods: [String, String, ...]
      paths: [Value, Value, ...]
      queue: String
      ttl: Integer

OS::Zaqar::Subscription

Available since 8.0.0 (Ocata)

A resource for managing Zaqar subscriptions.

A Zaqar subscription listens for messages in a queue and sends a notification over email or webhook.

Required Properties

queue_name
Name of the queue to subscribe to.
String value expected.
Updates cause replacement.
Value must be of type zaqar.queue
subscriber
URI of the subscriber which will be notified. Must be in the format: <TYPE>:<VALUE>.
String value expected.
Can be updated without replacement.

Optional Properties

options
Options used to configure this subscription.
Map value expected.
Can be updated without replacement.
ttl
Time to live of the subscription in seconds.
Integer value expected.
Can be updated without replacement.
Defaults to 220367260800
The value must be at least 60.

Attributes

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Zaqar::Subscription
    properties:
      options: {...}
      queue_name: String
      subscriber: String
      ttl: Integer

OS::Zun::Container

Available since 9.0.0 (Pike)

A resource that creates a Zun Container.

This resource creates a Zun container.

Required Properties

image
Name or ID of the image.
String value expected.
Updates cause replacement.

Optional Properties

command
Send command to the container.
String value expected.
Updates cause replacement.
cpu
The number of virtual cpus.
Number value expected.
Can be updated without replacement.
environment
The environment variables.
Map value expected.
Updates cause replacement.
hints

Available since 10.0.0 (Queens)

Arbitrary key-value pairs for scheduler to select host.
Map value expected.
Updates cause replacement.
hostname

Available since 10.0.0 (Queens)

The hostname of the container.
String value expected.
Updates cause replacement.
image_driver
The image driver to use to pull container image.
String value expected.
Updates cause replacement.
Allowed values: “docker”, “glance”
image_pull_policy
The policy which determines if the image should be pulled prior to starting the container.
String value expected.
Updates cause replacement.
Allowed values: “ifnotpresent”, “always”, “never”
interactive
Keep STDIN open even if not attached.
Boolean value expected.
Updates cause replacement.
labels
Adds a map of labels to a container. May be used multiple times.
Map value expected.
Updates cause replacement.
memory
The container memory size in MiB.
Integer value expected.
Can be updated without replacement.
mounts
A list of volumes mounted inside the container.
List value expected.
Updates cause replacement.
List contents:
Map value expected.
Updates cause replacement.
Map properties:
mount_path
Required.
The filesystem path inside the container.
String value expected.
Updates cause replacement.
volume_id
Optional.
The ID or name of the cinder volume mount to the container.
String value expected.
Updates cause replacement.
Value must be of type cinder.volume
volume_size
Optional.
The size of the cinder volume to create.
Integer value expected.
Updates cause replacement.
name
Name of the container.
String value expected.
Can be updated without replacement.
networks

Available since 11.0.0 (Rocky)

An ordered list of nics to be added to this server, with information about connected networks, fixed ips, port etc.
List value expected.
Can be updated without replacement.
List contents:
Map value expected.
Can be updated without replacement.
Map properties:
fixed_ip
Optional.
Fixed IP address to specify for the port created on the requested network.
String value expected.
Can be updated without replacement.
Value must be of type ip_addr
network
Optional.
Name or ID of network to create a port on.
String value expected.
Can be updated without replacement.
Value must be of type neutron.network
port
Optional.
ID of an existing port to associate with this container.
String value expected.
Can be updated without replacement.
Value must be of type neutron.port
restart_policy
Restart policy to apply when a container exits. Possible values are “no”, “on-failure[:max-retry]”, “always”, and “unless-stopped”.
String value expected.
Updates cause replacement.
security_groups

Available since 10.0.0 (Queens)

List of security group names or IDs.
List value expected.
Updates cause replacement.
Defaults to []
tty

Available since 14.0.0 (Ussuri)

Whether the container allocates a TTY for itself.
Boolean value expected.
Updates cause replacement.
workdir
The working directory for commands to run in.
String value expected.
Updates cause replacement.

Attributes

addresses

A dict of all network addresses with corresponding port_id. Each network will have two keys in dict, they are network name and network id. The port ID may be obtained through the following expression: “{get_attr: [<container>, addresses, <network name_or_id>, 0, port]}”.

name

Name of the container.

show

Detailed information about resource.

HOT Syntax

heat_template_version: 2015-04-30
...
resources:
  ...
  the_resource:
    type: OS::Zun::Container
    properties:
      command: String
      cpu: Number
      environment: {...}
      hints: {...}
      hostname: String
      image: String
      image_driver: String
      image_pull_policy: String
      interactive: Boolean
      labels: {...}
      memory: Integer
      mounts: [{"volume_id": String, "volume_size": Integer, "mount_path": String}, {"volume_id": String, "volume_size": Integer, "mount_path": String}, ...]
      name: String
      networks: [{"network": String, "fixed_ip": String, "port": String}, {"network": String, "fixed_ip": String, "port": String}, ...]
      restart_policy: String
      security_groups: [Value, Value, ...]
      tty: Boolean
      workdir: String