This feature enables you to setup a connection between PagerDuty and Abbey so that Abbey can collect the on-call status of a given user. This status can then be used in policies to either auto-deny access (if a user is not on-call) or skip specific approval steps (in the event a user is on-call).

Add a PagerDuty Connection

  1. Click on either + Add a New Source or + New Source button

  2. In the "Select a source type" dropdown, pick PagerDuty as the source type

  3. Choose a name for your connection, and click Create to be redirected to PagerDuty

  4. Log into PagerDuty.

  5. Click Submit Consent to authorize Abbey Labs to read your on-call details

  6. After that, it should automatically redirect you back to Abbey, and your PagerDuty connection is now created. You're now all set to use PagerDuty on-call status in your policies and outputs

Use PagerDuty On-Call Status

Now that you have set up a PagerDuty connection, you can reference PagerDuty on-call schedules in policies skip certain approval steps.

Add a Policy to Skip a Step

  1. Add a rego policy to skip a workflow if the user is on-call in PagerDuty

    package pagerduty
    skip[msg] {
      msg := sprintf("skipping oncall: %v", [data.user.pagerduty.is_on_call])

    Make sure to add .manifest as well

    {"roots": ["pagerduty"]}

  2. Add skip_if block to the workflow you want to skip.
    resource "abbey_grant_kit" "null_grant" {
      workflow = {
        steps = [
            reviewers = {
              all_of = [
    +        skip_if = [
    +          { bundle = "github://example-org/example-repo/policies/on-call" }
    +        ]
    +      }
  3. Now that you have updated your Grant Kit, Deploy Your Grant Kit

And that's it.

  • When a user requests access and they are on-call, they will skip the review process and will be granted access right away.

  • When a user requests access and they are not on-call, their request has to be reviewed by one of the reviewers as usual.

Last updated