Tenancy and Access Control

Workspace Isolation

Workspaces provide complete tenant isolation through:

• Data Separation: Each workspace maintains its own snapshot and change set collection
• Secret Isolation: Credentials are encrypted with workspace-specific keys and cannot cross the workspace boundary
• Access Isolation: Users, agents, and integration access are scoped to a workspace, and access to additional workspaces must be explicitly granted

Unified Access Control Model

Both human users and AI agents operate under the same permission system:

• Role-Based Permissions: Static permissions assigned through workspace roles (approver, collaborator)
• Relationship-Based Permissions: Dynamic permissions can be applied to views, such that any change to a component within the given view can trigger additional approvals for discrete sets of users. This enables the designation of resource owners, ensuring the right people can approve changes.

AI Agent Integration

AI agents authenticate using Personal Access Tokens that inherit identical permission constraints. The permission system prevents privilege escalation while enabling AI agents to perform complex infrastructure operations within their authorized scope.