Limit yourself (in a good way) with environments governance

As tech teams and projects grow, and with those their use of Contentful, implementing distinct roles and permissions becomes increasingly important. While these new capabilities help ensure projects turn out as expected with no code hurt in the process, they shouldn’t be seen as restrictive. Instead, think of these capabilities as guides that help team members focus on areas of projects where they will have the biggest impact.

"We are excited that the environments governance feature is here — and relieved," says Ryan Ku, senior digital platform manager, Rogers Communications. "We currently use sandbox environments extensively for feature branching and testing, and grant access to over 200 users with different roles — developers, QA testers and content authors. Without Contentful’s new feature, any of these roles could accidentally or maliciously delete an environment. It really closes a security hole and brings another enterprise-grade feature to the platform."

With the right balance of limits and permission, CI/CD can run smoothly and developers can work on staging, QA and testing without impacting each other or the performance of the final digital experience. Like those of us who now realize the importance of the vegetables our parents pushed at us or the insistance on brushing our teeth twice a day — developers, creatives and internal team members will eventually see the big picture benefits of environments governance.

This short video will walk you through the features and benefits of environments governance.

Scale faster with robust workflows

As an enterprise developer, environments governance can make you more powerful and more flexible by extending roles and permissions across your space’s environments so you can build more robust workflows, improving speed of delivery and reliability.

Previously, users could only see either just the master environment or every single environment in a space. Now you can limit which environments individuals of given roles can see. It’s also now possible to control the permissions users with a given role have within these environments. Previously permissions were blanket in the space.

Avoid digital “oops” moments

Sometimes limits can actually set you free. With the right protections in place, multiple tech teams can work independently and concurrently, while impacting just their portion of the project. This lets everyone work as quickly as they need to, without the risk of costly development errors. 

"Now we can set up a CI/CD pipeline when creating or removing environments and assign users access to them programmatically with their proper roles," says Ryan. “For example, a service delivery user would create an environment when a PR is merged, validate changes in either an automated or manual fashion and remove when the feature is deployed. All with the assurances that the change is code-reviewed. QAs and developers would only have access to change content types and edit in their specified environments. This takes the possibility of human error out of the equation."

Environments governance can help you increase:

• Scale – More control over environments ensures work gets done safely and efficiently, with multiple teams able to work on the same digital experiences without impacting each other

• Speed – Working policies and permissions within environments help developers deliver faster

• Flexibility – Reuse existing roles to define access to specific environments and aliases

• Reliability – Extending roles and permissions, as well as controlling access to the master, reduces the risk of human error causing an outage in digital experiences

Help your enterprise digital teams work faster and more independently

Enterprises looking to deepen their CI/CD workflows or who need to have strict content governance in place will get the most value from environments governance, since they typically require more complex testing and release workflows. 

With environments governance your enterprise digital team can:

• Create roles to access defined environments: Restrict QA engineers to only the master and staging environments they need access to. They will have the right to test and approve the changes to do their job, but with a reduced risk of errors and accidental changes. 

• Control access to the master environment: It’s now possible to restrict access to the master environment while retaining full access to selected other environments. This allows engineers to build and test confidently, while knowing that there won’t be an impact on end users. 

• Protect sensitive development: Environments can be restricted to only a few users, allowing experiences to be built for new products or confidential data without granting access to those who don’t need to know. Environment names and metadata are still viewable even to those who don’t have access to the restricted environment, so we recommend using codenames to really keep a low profile.

• Give editors realistic training without the risk: Editors can learn in a non-production environment using roles that mimic the access they have in the master environment. This eliminates the risk of training within the master environment, and allows faster training in safe environments.

• Test new roles safely: Ensure permissions for new roles are set correctly without affecting production.

• Grant limited access to external contributors: Control contactors’ access to only the environments they need, reducing risk and improving information security.

Start setting limits to set yourself free!

If you’re already a Contentful premium customer then you need look no further than your custom role creation & management tools to find your environments governance settings. Environments governance rules can be applied to existing and new roles, and are available now to all premium users in P1X spaces and larger.

To learn more about how to get environments governance set up in your instance, visit our help center, read our developer documentation, or request a premium trial of Contentful today.