IT OPS
Vercel TLS Certificate Expiry Watchdog with PagerDuty Escalation
Runs daily to check every Vercel project domain's TLS certificate expiry window and opens a PagerDuty incident when any cert falls inside the renewal danger zone.
How it runs
The automated pipeline, trigger to output.
- TriggerDaily 06:00 UTC schedule
- ActionList Vercel domains and fetch cert metadataVercel
- LogicFilter to certs expiring within 14 days
- ActionOpen deduplicated PagerDuty incident per domainPagerDuty
- OutputPost scan summary to Slack ops channelSlack
What it does
Each morning this workflow pulls the full list of domains across your Vercel projects, reads each domain's TLS certificate metadata, and computes days-to-expiry. Any certificate expiring within your threshold (default 14 days) triggers a PagerDuty incident so on-call sees it before users hit a browser warning.
When to use it
Run this when you host customer-facing domains on Vercel and cannot tolerate a silent auto-renewal failure. It is the safety net under Vercel's managed certs: most renew automatically, but DNS misconfiguration, removed CAA records, or apex domains pointed elsewhere can cause silent failures that only surface as an outage.
How it works
The schedule trigger fires daily at 06:00 UTC. An action lists all domains via the Vercel API and fetches certificate detail for each. A logic step filters to certs whose `validTo` is within the threshold or already expired. For each survivor, an action opens a PagerDuty incident keyed by domain so duplicates dedupe rather than spam. A final output posts a one-line summary of the day's scan to the ops channel for an audit trail.
Set it up
What you configure once, before turning it on.
- 1Connect VercelDeploys, runtime logs, analytics.
- 2Connect PagerDutyIncidents, on-call, escalations.
- 3Connect SlackChannels, DMs, threads, mentions.
- 4Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 5Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 6Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More IT Ops workflows
Daily Building Anomaly Digest to MS Teams
Each morning queries BigQuery for the prior day's flagged sensor anomalies, summarizes them by site and system into a ranked briefing.
Indoor Air Quality Breach to Tenant Notice and Work Order
Listens for CO2, VOC, or humidity sensor alerts via webhook, and when a zone exceeds occupant-safety limits it emails affected tenants, opens a Monday remediation task.
Self-Service Reclaim Email for Idle Users
Detects users idle in a SaaS app past the threshold and emails each one a keep-or-release link; unanswered seats after the deadline are auto-flagged for removal.
Outlook Room Conflict Resolver with Approval Gate in Teams
When an Outlook room clashes, proposes a rebooking and asks the bumped meeting's organizer to approve the move in Microsoft Teams before any change is made.
Outlook Room Double-Booking Resolver with Auto-Rebook
Detects when two meetings claim the same Outlook room resource and automatically relocates the lower-priority meeting to a comparable free room.
Monthly Wasted-License Cost Report
Aggregates inactive-seat data across all tracked SaaS apps each month, computes total reclaimable spend, and delivers a ranked cost report to leadership in Notion and Slack.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.