# Value Expiration

Parameter Value Expiration gives us the ability to either visually alert or automatically rotate a parameter's values via a user specified duration. This is useful when a company policy requires secrets to be rotated on a regular basis.

Parameter Value Expiration can be set during creation or added to existing parameters.

## Setting a parameter to not change on expiration

This example will show how to create an expiring parameter which does not automatically change the parameter's environment values. Visual indication only.

1. Start by creating a new parameter
2. Check the `EXPIRES` option
3. Set the `EXPIRES IN:` duration

<figure><img src="/files/JjfqkGDmkagqeR4MA2oe" alt="" width="465"><figcaption></figcaption></figure>

4. Add the `ENVIRONMENT VALUE` in the `ADD ENVIRONMENT VALUE` modal, then click `Save`
5. Note the expiration duration is visible in the parameter's detail page:

<figure><img src="/files/xJbA6F2JOmhU7e9DW0rj" alt=""><figcaption></figcaption></figure>

6. Go back the Parameter List to see the visual indicator next to the parameter's value and hover over the hourglass to quickly view the remaining duration before the parameter expires:

<figure><img src="/files/nUWQb3Wx7JpkA6lOHRGh" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
The hourglass icon will change colors at different stages:

* Black - expiration time is outside of 5 days
* Yellow - expiration time is within 5 days and has not yet expired
* Red - parameter value has expired
  {% endhint %}

## Setting a parameter to automatically rotate values on expiration

1. Start by creating a new parameter
2. Check the `EXPIRES` option
3. Set the `EXPIRES IN:` duration
4. Check the `AUTO-GENERATE VALUE:` option
5. Select and modify the options as needed. The `Generate Password` button is there as a convenience and will generate a copyable password-style string to be pasted into the `ADD ENVIRONMENT VALUE` modal displayed after clicking `Create Parameter` here:

<figure><img src="/files/W7F9L9979AR6HadDea5w" alt="" width="465"><figcaption></figcaption></figure>

CloudTruth will check periodically for expired parameters and take the appropriate action to generate a new password and restart the duration clock.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.cloudtruth.com/configuration-management/parameters/value-expiration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.