Add permissions to API keys

I’ve checked how the tunnel command works, and I’ve been able to come up with something that works exactly as I want!

I’m using Node.js, so I’ve used the Node.js Balena SDK for it. This is how I’ve done it:

import { getSdk } from 'balena-sdk';
import request from 'request';

const balenaInstance = getSdk({ apiUrl: 'api.<open-balena-domain>' });
await balenaInstance.auth.login(credentials);

const [whoami, token] = Promise.all([
  balenaInstance.auth.whoami(),
  balenaInstance.auth.getToken()
]);

await new Promise((resolve, reject) => {
  request({
    uri: `http://<device-uuid>.balena:<device-port>',
    tunnel: true,
    proxy: `http://${whoami}:${token}@vpn.<open-balena-domain>:3128`
  }, (err, response) => {
    if (err) {
      reject(err);
    } else {
      resolve(response);
    }
  });
});

I don’t know if this works for Balena Cloud though, because of permissions.