Is your feature request related to a problem? Please describe.

From the roadmap:

Support automatic cleanup of long-unused (forgotten) ACL policies, to prevent later malicious usage. (safer)

In particular, a system operator might want to automatically clean up unused ACLs after some period of time (6 months?). This would help to ensure that unused policies do not accidentally result in capability grants if the authentication information is used in the future. Additionally, it enables a one-time use policy format, wherein some central system provisions a policy just-in-time before a workload executes and the policy is automatically removed later (workload max timeout + epsilon).

Describe the solution you'd like

ACL Policies could take a new config endpoint (perhaps sys/config/policies/:type) which specifies whether automatic cleanup is enabled and what the default policy expiry is. An operator can then override expiry on a per-policy basis (under sys/policies/acl/:name) and eventually a RollbackManager will trigger and remove expired policies. This also requires that reading a policy in the course of token resolution updates its last-used time.

Describe alternatives you've considered

n/a

Explain any additional use-cases

n/a

Additional context

n/a