TODO: how to handle credentials? will the stateful app keep credentails
permanently for each instance being checked?
As much as this worries me from a security standpoint, I don't see
another way around this - cloud API's generally don't allow any
delegation of auth.
There's a couple more TODO's connected to credentials:
TODO: how are credentials changes handled (user revokes API Key and
generates a new one) ? [not for the first cut]
We might allow update action for the Instance resource, this can then be
easily called from Conductor.
TODO: when are stored credentials purged ? We want to make sure we get
rid of them as quickly as possible.
I would say that credentials are deleted together with the instance with
which they are associated.
Jan
