This will allow the expiry date to be amended independently of the issued SAS tokens, which will then allow:
Setting the expiry date of the policy to the past to invalidate existing SAS tokens.
Extending the validity of existing SAS tokens without reissuing them
Notes
When implementing, we should aim to completely delete existing pool policies when we delete the pool and create a new policy each time we create a pool. This way we don't need to worry about protecting any SAS tokens except the ones issued when creating the current pool. As SAS tokens are linked to policies by policy name, we will need to apply a naming convention that includes a date or random string suffix so that new policies will never have the same name as old ones.
This will allow the expiry date to be amended independently of the issued SAS tokens, which will then allow:
Notes
When implementing, we should aim to completely delete existing pool policies when we delete the pool and create a new policy each time we create a pool. This way we don't need to worry about protecting any SAS tokens except the ones issued when creating the current pool. As SAS tokens are linked to policies by policy name, we will need to apply a naming convention that includes a date or random string suffix so that new policies will never have the same name as old ones.