An endpoint node of a multiple node environment includes a storage and a processor. The storage stores a public key for an owner of the endpoint node. The processor receives a declarative request. The declarative request includes a signed certificate and a job to be performed in the endpoint node. In response to reception of the declarative request, the processor determines that the signed certificate is valid, and begins execution of the job associated with the declarative request. In response to a trigger event, the processor re-checks the signed certificate, and determines whether the signed certificate has been revoked. In response to the signed certificate being revoked, the processor performs an action indicated in a policy in the storage.