Pre-approving Access
Approvers can pre-approve access before the requestor creates an access request.
For instance, the approver may want to allow certain users to elevate their permissions automatically for the duration of a project, without having to wait for the approver to approve manually every time.
π Allowing access ahead of time
To allow access requests for the future, use the /p0 allow slash command in Slack.
The arguments for this command are similar to /p0 request (see Using Slack slash commands), with a few additional required options:
--to <email>Use the email identifier of the principal to which you want to grant access--length <duration>Duration for auto-approved access. The requestor will be automatically approved between thestarttime of theallowcommand up to this duration. Format like'10 minutes','2 hours','5 days', or'1 week'.--request-duration <duration>Access duration for individual requests. Once the requestor submits an access request, it will be automatically approved for this duration. Format like the--lengthoption.
Optionally you can specify the --start option, which is the start time for auto-approved access. Defaults to now if not specified. Use ISO 8601 format, like '2021-01-01T00:00:00Z' or 2021-01-01.
The principal issuing the allow command must be a valid approver for the principal in the --to argument, and for the resources specified, based on routing rules.
Last updated