Solved

How can I separate access when I create a multi-environments in a project

  • 13 April 2022
  • 3 replies
  • 73 views
P

Hello HEAP,

I am Phuoc, a DevOps Engineer of Auvenir. We’re planning to integrate your product to our application.

For now we are facing a concern regarding security that we do not know how to separate access permission when we have multi-environment creation.

For example:

  • We have 2 teams, one is the development team and another is the production team.
  • We create 2 environments in the same project, one is DEV environment and another is PROD environment
  • Our expectation is development team is able to access DEV environment only, if possible they can not see PROD environment in any place.

Best Regards,

Phuoc Truong

icon

Best answer by Josh Roberts 13 April 2022, 23:33

View original

3 replies

Josh Roberts
Rank
Userlevel 2
Badge +1

Hi Phuoc, great question.

Currently we only provide access control at the project level. You can find docs here: https://help.heap.io/heap-administration/team-management/manage-project-access/

Within a project, everyone with access will be able to see all environments. Can you tell me more about the need to restrict some users to development data and some to production data? Is it a data classification/privacy issue, or something else?

P

Thank you for your response, Roberts.

Yes, we actually want to restrict some users such as developers to production data. Developers, they free to use all of the data in which environment is allowed but no more with other environments.

Josh Roberts
Rank
Userlevel 2
Badge +1

Thanks, Phuoc. You could always solve this by using multiple projects, but you would of course have to re-create anything you build across projects. If you’re not actually creating events and doing analysis this could work. Are there behaviors in dev that wouldn’t be supported across multiple projects?

Additionally, we’re always trying to fully understand what our customers need so we can build the best solutions. I’m curious if you could elaborate further on the restriction and why it’s in place.

Reply


Terms & ConditionsCookie settings