Expire At a Specific Time

In this guide, you'll learn how you can configure a Grant Kit to automatically revoke access to a grant after some date. You'll do this by importing and using an expiration policy Abbey provides out-of-the-box.

We will be using the Expire After a Duration guide as a base and modify it to this use case.

Step 1: Configure Your Policy

Write your policy using Abbey's expiration helper functions.

common.rego

package common

import data.abbey.functions

allow[msg] {
  functions.expire_at("2023-06-15T04:00:00+00:00")
  msg := "granting access funtil 06/15/2023 4am UTC."
}

Unlike the functions.expire_after helper which uses a duration, the functions.expire_at takes an RFC 3339 datetime string.

Abbey revokes grants in realtime. When the date and time is reached, the grant will be revoked immediately.

PreviousExpire After a Duration NextApproval Workflows

Last updated 1 year ago