Value Expiration

Parameter Value Expiration gives us the ability to either visually alert or automatically rotate a parameter's values via a user specified duration. This is useful when a company policy requires secrets to be rotated on a regular basis.

Parameter Value Expiration can be set during creation or added to existing parameters.

Setting a parameter to not change on expiration

This example will show how to create an expiring parameter which does not automatically change the parameter's environment values. Visual indication only.

Start by creating a new parameter
Check the EXPIRES option
Set the EXPIRES IN: duration

Add the ENVIRONMENT VALUE in the ADD ENVIRONMENT VALUE modal, then click Save
Note the expiration duration is visible in the parameter's detail page:

Go back the Parameter List to see the visual indicator next to the parameter's value and hover over the hourglass to quickly view the remaining duration before the parameter expires:

The hourglass icon will change colors at different stages:

Black - expiration time is outside of 5 days
Yellow - expiration time is within 5 days and has not yet expired
Red - parameter value has expired

Setting a parameter to automatically rotate values on expiration

Start by creating a new parameter
Check the EXPIRES option
Set the EXPIRES IN: duration
Check the AUTO-GENERATE VALUE: option
Select and modify the options as needed. The Generate Password button is there as a convenience and will generate a copyable password-style string to be pasted into the ADD ENVIRONMENT VALUE modal displayed after clicking Create Parameter here:

CloudTruth will check periodically for expired parameters and take the appropriate action to generate a new password and restart the duration clock.

PreviousValue Validation NextEnvironments and Tags

Last updated 2 months ago