Policy: Turbot > Workspace > osquery > Enroll Secret Expiration

The policy specifies the duration after which the JWT token issued by osquery will expire.

The expiration time is critical for security, ensuring that tokens are not valid indefinitely and reducing the risk of unauthorized access.

You can set the duration in Hours to determine how long before the entity expires. If you require that the entity never expires, you can set the policy to Never.

Resource Types

This policy targets the following resource types:

Turbot

Primary Policy

This policy is used with the following primary policy:

Turbot > Workspace > osquery

Controls

Turbot > Workspace > osquery

Policy Specification

Schema Type	`string`
Default	`1 hour`
Valid Values [YAML]	`1 hour` `12 hours` `1 day` `15 days` `1 month` `2 months` `3 months` `6 months` `1 year` `2 years` `3 years` `5 years` `Never`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/turbot

Policy Type URI

tmod:@turbot/osquery#/policy/types/workspaceOsqueryEnrollSecretExpiration

GraphQL

query policyType(id: "tmod:@turbot/osquery#/policy/types/workspaceOsqueryEnrollSecretExpiration") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/osquery#/policy/types/workspaceOsqueryEnrollSecretExpiration'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/osquery#/policy/types/workspaceOsqueryEnrollSecretExpiration'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/osquery#/policy/types/workspaceOsqueryEnrollSecretExpiration"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/osquery#/policy/types/workspaceOsqueryEnrollSecretExpiration"