- Enforcing security policies that require fresh environments (e.g., after a supply chain incident)
- Ensuring developers work with up-to-date base images and dependencies
- Meeting compliance requirements for environment rotation
- Maximum lifetime: How long an environment can exist before it becomes non-compliant
- Strict enforcement: Whether non-compliant environments are blocked from restarting
Configuration
Go to Settings → Organization → Policies. Select a duration from the dropdown. Only administrators can change this setting. Available durations: 1 day, 3 days, 1 week, 2 weeks, 1 month, 3 months, 6 months, or no maximum. Changes apply to new environments only. Existing environments keep their current lifetime.Strict enforcement
When a lifetime is set, you can enable strict enforcement to prevent users from restarting non-compliant environments.
The compliance banner shows how many environments are currently non-compliant and how many will become non-compliant within 24 hours. Click Review environments to open the environment inventory filtered to exceeded environments.
Effect on users
Non-compliant environments display a status banner on the environment details page.

Managing environments
Administrators can review and manage environment lifetimes from Settings → Environments. The inventory shows each environment’s lifetime expiry and compliance status. Use the Exceeded filter to find non-compliant environments.

How it works
When an administrator sets a maximum lifetime:- New environments receive a lockdown timestamp equal to creation time plus the configured duration
- Existing environments are not affected. They keep their current lifetime (or have none).
- When an environment passes its lockdown timestamp, it becomes non-compliant
- Depending on strict enforcement, restarting is either warned or blocked
The lockdown timestamp is set once at environment creation. Changing the policy duration only affects environments created after the change.