Skip to main content
This feature is in early access. Contact your account team or support to enable it for your organization.
Set a maximum age for new environments. Environments that exceed this limit become non-compliant. Useful when:
  • Enforcing security policies that require fresh environments (e.g., after a supply chain incident)
  • Ensuring developers work with up-to-date base images and dependencies
  • Meeting compliance requirements for environment rotation
Two controls available:
  • Maximum lifetime: How long an environment can exist before it becomes non-compliant
  • Strict enforcement: Whether non-compliant environments are blocked from restarting

Configuration

Go to Settings → Organization → Policies. Select a duration from the dropdown. Only administrators can change this setting. Available durations: 1 day, 3 days, 1 week, 2 weeks, 1 month, 3 months, 6 months, or no maximum. Changes apply to new environments only. Existing environments keep their current lifetime.

Strict enforcement

When a lifetime is set, you can enable strict enforcement to prevent users from restarting non-compliant environments. Maximum environment lifetime policy with strict enforcement enabled
Strict enforcementBehavior
Off (default)Users see a warning when starting a non-compliant environment but can choose to restart anyway
OnNon-compliant environments are blocked from restarting. Users must create a new environment.
The compliance banner shows how many environments are currently non-compliant and how many will become non-compliant within 24 hours. Click Review environments to open the environment inventory filtered to exceeded environments.

Effect on users

Non-compliant environments display a status banner on the environment details page. Non-compliant environment status banner on the details page When an environment exceeds its lifetime and strict enforcement is off, users see a warning with the option to restart anyway or create a new environment. When strict enforcement is on, users cannot restart a non-compliant environment. The modal shows the policy details and offers creating a new environment. Users can copy the details to share with an administrator for requesting an extension. Environment Lifetime Exceeded modal with strict enforcement

Managing environments

Administrators can review and manage environment lifetimes from Settings → Environments. The inventory shows each environment’s lifetime expiry and compliance status. Use the Exceeded filter to find non-compliant environments. Environment inventory with lifetime column showing exceeded environments To extend an individual environment’s lifetime, click the menu on an environment row and select Update lifetime. Update environment lifetime modal You can extend or set a specific expiry date. Bulk updates are also available by selecting multiple environments.

How it works

When an administrator sets a maximum lifetime:
  1. New environments receive a lockdown timestamp equal to creation time plus the configured duration
  2. Existing environments are not affected. They keep their current lifetime (or have none).
  3. When an environment passes its lockdown timestamp, it becomes non-compliant
  4. Depending on strict enforcement, restarting is either warned or blocked
The lockdown timestamp is set once at environment creation. Changing the policy duration only affects environments created after the change.