Right now authorization rules are static, in other words, I define the rules, deploy, and then a client (user or service account) are then determined as to whether they fall in the role.
It would be great if a rule can be set up that has an expiration time. Let’s say I have a user that I want to temporarily assign them admin role. I could create a rule that says this specific user has admin rights if the date and time falls within a date and time range.
In addition, being able to define a role can be determined by data that is passed in at runtime.