Add Authenticator endpoint for adding credentials

[tyrannosaurus-becks]

I'm thinking we could add an endpoint in the Authenticator for adding credentials that would be accessible to clients. Since Authenticator needs them in a certain format, Authenticator would do the work of adding them in the format it needs.

This needs further design, but the endpoint would be one that you'd need admin access to. So we'd need to figure out a way to determine who administrators should be and how they authenticate to this Authenticator endpoint.

Then, after authenticating as an administrator, someone could CRUD credentials for clients. They would post to some endpoint, where the path would be something like the object the caller will be able to access (maybe a postgres DB, but also could be mysql, etc.). And the body would be something like:

{
  "access_granted_to": [
    {
      // Each object here would vary by platform. For AWS it would be their IAM arns, but this should be extensible for Azure and GCP too.
    }
  ],
  "credentials": [
    {
      // Each object here would vary too due to needing to support multiple types of databases, but the reason we should allow multiple is because maybe somebody would want to be able to add 3 sets of credentials in case they're shared and they don't want to run out.
    }
  ],
}

After receiving such a request, we would turn around and store the creds in whatever credential storage mechanism they're using.

I'm not totally stuck on this design, just trying to provide some food for thought. Also, I think this should be prioritized as low because, since users can also directly add credentials to things, this is more of a "nice to have" for UX than a "must have".

[tyrannosaurus-becks]

Closing this in favor of first doing design via #75