Skip to main content

Production Access

You can use Indent to manage ephemeral access to your production environment to deal with customer bugs, outages, or other live-site issues.

The goal

You want to restrict access to your production environment, but you want to ensure employees can get access when they need it during critical outages. You need to ensure your employees don't have standing access to production, but you also need to provision access quickly to prevent loss of connectivity for customers.

How it works

Indent integrates with your identity provider to manage secure access to your production environment. You can create a a group, attach it to your production environment, and grant employees access only when they need it.

Compatible Integrations:

Step 1: Sign up for Indent

Step 2: Configure your integration

  • Create Indent Webhooks to integrate with your identity provider.
  • When your Indent Space is integrated with your identity provider, you'll be able to request access to Resources from Slack or the Dashboard.

Step 3: Lock production behind identity groups

  • Create an identity group that can access production.
  • Pull updates from your Indent Webhooks and check that your new group is listed as a Resource.

Step 4: Configure approval routing policies

  • Choose who in your organization should review access requests.
  • Create an Access Request Policy for your Space and define your new group and your reviewers.

Step 5: Test with yourself

  1. Navigate to the Indent Dashboard and make a new request.
  2. Select the Resource you want to access.
  3. Review and approve the request in Slack.
  4. Check that access was provisioned to your identity group.
  5. Revoke access in Slack and check that access was revoked from your identity group.

Step 6: Onboard your team

  • Once users can access your Indent Space, they can request access to specific groups from the Indent Dashboard or from Slack.
  • Reviewers grant users access to a group for a predefined amount of time. If the access period is longer than 15 minutes, team members are automatically notified five minutes before access expires.
  • When your team members need access to production to addres an issue, you can provision access for short durations. They can do their work and at the end of the request period Indent automatically revokes access.

Congrats! You've just configured requesting and managing ephemeral production access with Indent. Share this message with your team to let them know you're using Indent to manage production access:

Hi everyone! We're using @Indent to manage ephemeral access to production cloud resources like AWS EC2 Instances. You can try requesting access by typing: /access in Slack!

Looking for something?