The service should have the option to require user authentication

[dev-dull]

PyTerraBackTYL should have the option to require user authentication to get and set data.

Requirements:

1. Like persistent and non-persistent backends, this should be a user-configurable plugin.
2. The default should be an LDAP/AD lookup

Ideas for consideration as a requirement:

1. Pass the module to the non-persistent backends
2. Functionality to glob on ENV so that some environments will require auth (e.g. prod) and some will not (e.g. non-prod).
3. Boolean config option to enable checking by PyTerraBackTYL
   1. when set to False, it would become the duty of the persistent backend to perform this task
   2. The module should be passed to the persistent backend
4. Passing the auth module to the backend and the globing on the ENV would be two different ways of allowing ENV based auth requirements and are not wholly compatible.

this ticket a work-in-progress. Documentation updates still need to be listed.

[guymatz]

Some light RBAC would also be nice . . . this could allow read-only access to the state file for users - allowing them to run a plan - and write-access for admins allowing them to run apply