Fouad Matin

@fouadmatin

Elsie Phillips

Things break, and when they do, your on-call team jumps into motion like the capeless heroes they are (unless you count the hood on a hoodie as a cape). A key element to fast response is elevated privileges to access production and customer data.

But if it’s 2 am, who is granting that access?

Managers don’t want to be woken up just for that. They also don’t want to manually add and remove admin privileges at the start of each new on-call schedule. And you certainly don’t want to give standing production and customer data access to every engineer.

That is a recipe for Things Going Wrong™.

So what do you do? Pair PagerDuty + Indent!

When using PagerDuty and Indent together, you can:

• Notify the correct people to respond to an incident
• Give secure, on-demand production and customer data access in seconds based on PagerDuty on-call status
• Auto-revoke access after a configurable duration
• Record comprehensive access logs for compliance audits

“We're excited about Indent’s new integration and solution for getting on-call engineers’ production and customer data access quickly in a secure, time-bound way. This can reduce incident response times and make sensitive systems more secure.”

— Steve Gross, Sr. Director of Global Technology Ecosystem, PagerDuty

Give it a try in our interactive demo below:

PagerDuty helps teams improve service quality for their customers. It facilitates on-call scheduling and escalations and ensures that the right individual or teams are notified when operational issues and incidents happen.

How does it work? It ingests data from your IT Service Management (ITSM) and other customer service tools. It can group similar alerts into incidents, and only send what’s relevant to on-call teams via whichever channel they prefer. Those on-call folks can be pinged from their device of choice, so unless they’re really into that whole retro thing, no actual pagers need to be involved.

PagerDuty saves your teams’ sanity by eliminating noise from multiple tools, creating a clear signal for your team to follow during incidents. Services and components are mapped to your actual infrastructure, so you aren't getting redundant pings. It also centralizes important information for each service like team ownership, the present on-call team member, historical alerts and incidents, dependent services, and preferred communication channels.

So, your app blew up. How do you get access to it? You might be in an organization where you have standing access to Prod (yikes!), or an org where you need to contact someone in IT and get them to elevate your permissions (also yikes).

Here’s what getting access looks like with the PagerDuty + Indent integration. Indent confirms you’re on-call and need access. You now have access, and an auditable log of events is saved for future review or regulatory compliance. It’s that easy!

Or, in a bit more detail, here’s the chain of events from an incident kicking off:

1. You’re on-call and your app starts misbehaving
2. PagerDuty detects the issue, and alerts you
3. You type /access in Slack or click the “request access” button on Indent.com
4. Indent automatically elevates your privileges since the PagerDuty + Indent integration indicates you’re currently on-call
5. You SSH into the server (likely using a secure service like Tailscale or Twingate)

$ ssh ec2-user@prod-apac-kermit
…
$ ps aux | grep misbehaving_process

Cool, so what do you need to do to get that setup? You’ll obviously need PagerDuty and Indent. After that, it’s really your choice for how you prefer to grant access. Is it behind SSO with Okta? Maybe, through a secure networking service like Tailscale or Twingate? Or, possibly directly through something like AWS. Indent integrates with all of the above. What’s needed follows:

1. Create Indent space (choose Slack / email)
2. Go to https://indent.com/catalog/pagerduty to get the webhook secret for the integration
3. Follow our documentation for instructions on setting up Indent with PagerDuty
4. Pick your method of granting access, and follow the guide for setting that up on Indent. Okta Groups, Tailscale, and AWS are all great options
5. Start automatically granting secure and temporary access during incidents