Expiration of API keys and licenses

API keys of many services have an expiry and will quietly die at an inconvenient moment. Set up a single “registry of expiring secrets” and deploy a scheduled function:

import os, datetime, json, requests

ITEMS = json.load(open("expirations.json"))
# [{"name":"OpenAI prod key","expires":"2026-08-01"}, ...]

def handler(event, context):
    today = datetime.date.today()
    for it in ITEMS:
        exp = datetime.date.fromisoformat(it["expires"])
        days = (exp - today).days
        for thr in (30, 7, 1, 0):
            flag = f"/tmp/exp-{it['name']}-{thr}-{exp}.flag"
            if days <= thr and not os.path.exists(flag):
                prio = 10 if thr <= 1 else (8 if thr == 7 else 5)
                push(f"⏳ {it['name']}: {days} дн.",
                     f"Истекает {exp.isoformat()}. Ротируйте/продлите.",
                     prio)
                open(flag, "w").close()
                break
    return {"statusCode": 200}

def push(t, m, p):
    requests.post(f"{os.environ['NOTIFLY_URL']}/message",
                  params={"token": os.environ["NOTIFLY_TOKEN"]},
                  json={"title": t, "message": m, "priority": p}, timeout=5)

For SSL certificates there is a separate ready-made active monitor kind: tls — an alert N days before expiration without your own code.