Value Expiration

Parameter Value Expiration gives us the ability to either visually alert or automatically rotate a parameter's values via a user specified duration. This is useful when a company policy requires secrets to be rotated on a regular basis.

Parameter Value Expiration can be set during creation or added to existing parameters.

Setting a parameter to not change on expiration

This example will show how to create an expiring parameter which does not automatically change the parameter's environment values. Visual indication only.

1. Start by creating a new parameter

2. Check the EXPIRES option

3. Set the EXPIRES IN: duration

1. Add the ENVIRONMENT VALUE in the ADD ENVIRONMENT VALUE modal, then click Save

2. Note the expiration duration is visible in the parameter's detail page:

1. Go back the Parameter List to see the visual indicator next to the parameter's value and hover over the hourglass to quickly view the remaining duration before the parameter expires:

Setting a parameter to automatically rotate values on expiration

1. Start by creating a new parameter

2. Check the EXPIRES option

3. Set the EXPIRES IN: duration

4. Check the AUTO-GENERATE VALUE: option

5. Select and modify the options as needed. The Generate Password button is there as a convenience and will generate a copyable password-style string to be pasted into the ADD ENVIRONMENT VALUE modal displayed after clicking Create Parameter here:

CloudTruth will check periodically for expired parameters and take the appropriate action to generate a new password and restart the duration clock.