Workflows
This expains how to make workflows to be used in Common Fate.
What are Access Workflows?
Workflows are used in Common Fate to inform the policy engine how long access should last. Workflows connect with other resources like availabilities and Slack alerts.
Creating an Access Workflow
Access workflows are created using the commonfate_access_workflow resource in Terraform.
resource "commonfate_access_workflow" "workflow-demo" {
name = "demo"
access_duration_seconds = 60 * 60
try_extend_after_seconds = 10 * 60
priority = 100
}
Changing the access duration on a Workflow does not affect the duration of any existing Access Requests.
For example, if you have an Access Workflow with a 2 hour access duration, create an Access Request, and then reduce the duration of the Access Workflow to 1 hour, the existing Access Request will still have a 2 hour duration.
The try_extend_after_seconds field is used to specify the amount of time after access is activated that extending access can be attempted. As a starting point we recommend setting this to half of the access_duration_seconds.
The priority governs whether the policy will be used. If a different policy with a higher priority and the same role exists that one will be used over another.