Using a Single Approval Step

In this guide, you'll learn how you can configure a Grant Kit to have a single review step. The step will contain a list of reviewers required to approve or deny an access request.

We will be using the Quickstart as a base and modify it to this use case.

Step 1. Add a Workflow Step

Add a workflow step to your Grant Kit. Other configuration fields such as policies and output are omitted for brevity.

main.tf

resource "abbey_grant_kit" "null_grant" {
  ...

+  workflow = {
+    steps = [
+      {
+        reviewers = {
+          one_of = ["alice@example.com"]
+        }
+      }
+    ]
+  }

  ...
}

We now have a workflow with one step.

First, Alice will be notified to review. If she approves, the access request will be approved overall. This is because there's no one else in the list to require a review from.

If Alice denies the request, then the access request overall will be denied.

By default, Abbey waits for 1 week for pending access requests before automatically denying them. This is to reduce access request debt and ensure you have more tidy access management.

PreviousApproval Workflows NextUsing Multiple Approval Steps

Last updated 4 months ago