Access Model

How OpsCompanion accesses your infrastructure and what permissions are required.

OpsCompanion currently uses read-only access to observe your infrastructure. You control what access is granted and can revoke it at any time.

Current Access Model

OpsCompanion integrations currently use read-only permissions:

  • List resources and their configuration
  • Read metadata, tags, and relationships
  • Access audit logs and change history
  • Query resource state and dependencies

What This Means

  • Safe for production - Current integrations do not modify your systems
  • Minimal security footprint - Limited permission scope
  • Easy to audit - Clear, constrained permission set
  • Fast to approve - Security teams can review quickly

How Permissions Work

Each integration has specific permission requirements:

  • AWS - IAM role with ReadOnly policies
  • GCP - Service account with Viewer role
  • Azure - Service principal with Reader role
  • DigitalOcean - OAuth with read-only scopes
  • GitHub - OAuth with read-only scopes
  • Vercel - OAuth with read-only scopes
  • Lovable - URL-based connection (no API access)
  • Base44 - URL-based connection (no API access)
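Before approving the AWS role, a reviewer can check that the attached policy really is read-only. The following is an added example, not OpsCompanion's code: the policy document is constructed for illustration, and the list of verb prefixes accepted as "read" is an assumption to adjust to your own standard.

```python
import json

# Assumption: action-name prefixes this audit accepts as read-only.
READ_PREFIXES = ("get", "list", "describe", "batchget", "lookup", "search")

# Constructed sample policy, not a policy published by OpsCompanion.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ReadInventory", "Effect": "Allow", "Resource": "*",
   "Action": ["ec2:Describe*", "s3:GetBucketTagging", "s3:List*"]},
  {"Sid": "TooBroad", "Effect": "Allow", "Resource": "*", "Action": "s3:*"},
  {"Sid": "Tagging", "Effect": "Allow", "Resource": "*", "Action": ["ec2:CreateTags"]},
  {"Sid": "Inverted", "Effect": "Allow", "Resource": "*", "NotAction": "iam:*"},
  {"Sid": "Guard", "Effect": "Deny", "Resource": "*", "Action": "*"}
]}
""")


def _as_list(value):
    """IAM accepts a single string/object or a list in these fields."""
    if value is None:
        return []
    return list(value) if isinstance(value, list) else [value]


def is_read_action(action):
    """True only if the literal start of the action name is a read verb.

    A wildcard placed before the verb is complete ("ec2:D*", "s3:*", "*")
    could also match Delete*/Put*, so it is treated as not read-only.
    """
    _, _, name = action.partition(":")
    return name.lower().startswith(READ_PREFIXES)  # IAM actions are case-insensitive


def audit_policy(policy):
    """Return (sid, offending) pairs for Allow statements that are not read-only."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot grant access
        sid = stmt.get("Sid", f"statement[{index}]")
        if "NotAction" in stmt:
            # Allow + NotAction grants every action except the listed ones.
            findings.append((sid, "NotAction"))
        findings += [(sid, a) for a in _as_list(stmt.get("Action")) if not is_read_action(a)]
    return findings


if __name__ == "__main__":
    for sid, offending in audit_policy(SAMPLE_POLICY):
        print(f"{sid}: {offending} is not read-only")
```

Prefix matching is a heuristic: some `Get*` actions return sensitive data, so read-only does not by itself mean low-sensitivity.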

You Control Access

  • You decide which systems to connect
  • You grant specific permissions per integration
  • You can revoke access at any time
  • No persistent credentials survive revocation

Revoking Access

You can revoke OpsCompanion's access by:

  • Removing the IAM role (AWS)
  • Revoking the OAuth token (GitHub, Vercel, DigitalOcean)
  • Deleting the service principal (Azure)
  • Removing workload identity bindings (GCP)
  • Removing the integration in OpsCompanion (Lovable, Base44)
