Secret XML format

Secret XML

Secrets stored by libvirt may have attributes associated with them, using the secret element. The secret element has two optional attributes, each with values 'yes' and 'no', and defaulting to 'no':

ephemeral

This secret must only be kept in memory, never stored persistently.

private

The value of the secret must not be revealed to any caller of libvirt, nor to any other node.

The top-level secret element may contain the following elements:

uuid

An unique identifier for this secret (not necessarily in the UUID format). If omitted when defining a new secret, a random UUID is generated.

volume

Key of a volume this secret is associated with. It is safe to delete the secret after the volume is deleted.

description

A human-readable description of the purpose of the secret.

Example

      <secret ephemeral='no' private='yes'>
         <volume>/var/lib/libvirt/images/mail.img</volume>
         <description>LUKS passphrase for the main hard drive of our mail server</description>
      </secret>