Hello. I’d like to hear some feedback on this issue from experienced people.
We expose an custom API as POST /api/automation_requests with {uri_parts: {namespace: '...', class: '...', instance: '...'}}. There is a need to forward this call from master to region.
I am using a predefined user, and it is all working nice. But now for region call I want to use the same user (I mean user with the same name), that is calling master. I can get userid, but I cannot get password from automate.
I see several options:
- Use the predefined service user, pass calling userid as an attribute and solve all autorization manually in automate.
- Use the predefined service user and solve all autorization manually already in master region.
- Patch MiqAeServiceUser to expose password_digest and decrypt it.
What do you think it is the best choice?