During hack week at Squarespace it is common to receive requests for access to the data warehouse. These special case accounts require cleaning up. It would be lovely if pgbedrock supported a time limit on roles.
I'm imagining an expires_at attribute like so:
jdoe:
can_login: yes
is_superuser: no
expires_at: 2018-04-13
Pgbedrock can add a VALID UNTIL clause on the role when this attribute is set. It can also issue an error or warning when executed after the 13th to remind people to clean up the config.
During hack week at Squarespace it is common to receive requests for access to the data warehouse. These special case accounts require cleaning up. It would be lovely if pgbedrock supported a time limit on roles.
I'm imagining an expires_at attribute like so:
Pgbedrock can add a
VALID UNTILclause on the role when this attribute is set. It can also issue an error or warning when executed after the 13th to remind people to clean up the config.