Can someone make me an example of how I would have the job processor perform a Vault operation "as a specific Vault user". That is, I want to have an operation done while impersonating a known user so that the Vault records them as the person of record for the action. I would like to be able to determine this user from context information in the Vault - most likely by looking at the user who performed the release but possibly by looking at another property that actually explicitly stores a user that I want the job processor to work for.
For example - if on release we create a powerJobs job that publishes several artifacts for every design:
I know we have done this for customers in the past but I don't remember if we had to write a little bit of Vault API code to do it or if it is all possible in powerShell.
I have to major concerns about that approach.
For the actual impersonation you need to create a new Vault session to login with another users credentials. This probably needs to be done in a separate runspace to avoid conflicts.
I know we did this in the past with one specific user that had elevated permissions. We used that in client code for certain actions that a user would normally not be able to do.