Rules

Overview

Security rules in Scalr let admins enforce rules across the entire account. The permission security-rules: is required to update any of the security rules. All security rules can be configured at the admin level under security -> rules.

API Tokens Max Lifetime

Account admins can set maximum lifetimes for personal or service account tokens through the account security rules, available in both the UI and the API. The max lifetime is set in minutes and can be up to one year (525,600 minutes).

Once the limit is set, users cannot set an API token lifetime higher than the specified limit.

Service Account Owner

Requiring service account owners helps reduce the risk of orphaned API tokens or unauthorized access. When enabled, this rule requires at least one owner team to be assigned when a service account is created or updated, and validation prevents operations without proper ownership assignment. Account admins can activate this feature through the "Require service account owners" toggle.