LaraDep Documentation
You are reading Managed mode
Managed workspace, access and security
How to set roles, workspace boundaries, permissions, and reduce change risk in managed teams and production.
Managed workspace and access model
In managed mode infrastructure remains on the platform, but process responsibility stays in your team. Clear workspace boundaries and roles are the foundation of safe changes.
Purpose
- Separate environments by risk and team,
- define who can execute versus who can review,
- maintain traceability and prevent accidental cross-run damage.
Role model
- Owner — approves critical changes, validates governance, monitors evidence.
- Operator — executes runs in approved workspace context.
- Viewer — read-only visibility in history and status.
Implementation steps
- Design workspace map by client, project, environment.
- Set roles before first run including approvers and escalation contacts.
- Document approval workflow for managed operations.
- Review secret handling and credential lifecycle.
- Include access review in periodic governance checks.
Operational links
- Use governance checklist as change control baseline.
- Validate new process in managed first run.
- Run day-to-day in managed operations.
Control checklist
- Are roles assigned before production window?
- Does every workspace have an owner?
- Are secrets handled with approved rotation and access policy?
- Can any run be audited for initiator, verifier and context?
Next step: Continue to managed operations and validate your first release cadence there.