387044de43
Ironic and Ironic inspector have some potentially unauthenticated endpoints which are designed for the Ironic Python Agent to make callbacks to the Ironic API during node deployment [1] [2] [3]. Ensure that these endpoints are never accessible from an untrusted network. [1] https://docs.openstack.org/api-ref/baremetal/#agent-lookup [2] https://docs.openstack.org/api-ref/baremetal/#agent-heartbeat [3] https://docs.openstack.org/api-ref/baremetal-introspection/#ramdisk-callback Change-Id: Ie1735103a7c60f73230ecac12ca996d845f5336b