Details
-
Improvement
-
Status: To Do
-
Medium
-
Resolution: Unresolved
-
None
-
None
-
None
-
5
-
Yes
-
Yes
-
Yes
-
Portal
Description
User story:
As an SRE I want a mechanism to automate my PMM fleet deployment and get them subscribed to the Percona Platform so that I don't need to pull/ask for new tokens every time automation runs. These deployments can happen at any time and without human intervention.
Acceptance criteria:
- I have a mechanism to subscribe PMM to PP
- my automation code/configuration doesn't need any code change or user intervention unless the admin decides to
- An admin user can take action to stop this, i.e. manually rotating a token.
- This mechanism is fully documented
Details:
Right now a token can be used but
- these tokens are for individual users
- It's valid for only 30 mins
- if the individual login again it gets rotated
All these make me impossible to automate deployments without human intervention and without having an admin account in the Percona Platform.
I recommend having an organization's token without TTL that can be rotated only by admin users.