Skip to main content
Qovery Secure provides essential security features to protect your applications and data, including role-based access control, secrets management, and audit logging.

Key Security Features

RBAC

Control who can access and modify your resources

Secrets Management

Securely store and inject sensitive data

Doppler Integration

Universal secrets manager integration

Audit Logs

Track all changes to your organization

Role-Based Access Control (RBAC)

Qovery implements a role-based access control system to manage member permissions across your organization, clusters, projects, and environments.

Default Roles

Full administrative access:
  • Full organizational access
  • Edit and delete organization
  • Manage billing
  • Invite/remove members
  • Create/delete clusters
  • Create/delete projects
  • Deploy and stop services
  • Shell access to applications
  • View audit logs
  • Manage API tokens
Note: Only one Owner per organization
Full permissions except organization deletion:
  • Edit organization settings
  • Manage billing
  • Invite/remove members
  • Create/delete clusters
  • Create/delete projects
  • Deploy/manage all environments
  • Shell access to applications
  • View audit logs
  • Cannot: Delete organization
Infrastructure and deployment management:
  • Manage clusters, container registries, and webhooks
  • Deploy and stop services
  • Shell access to applications
  • Manage environment variables
  • View logs and metrics
  • Cannot: Edit organization settings
  • Cannot: Manage billing
  • Cannot: Manage members
Billing management only:
  • View organization information
  • Manage billing
  • Update payment methods
  • View invoices
  • Cannot: Edit organization settings
  • Cannot: Manage members
  • Cannot: Deploy or manage infrastructure
  • Cannot: Shell access to applications
Read-only access:
  • View organization information
  • View projects and environments
  • View logs and metrics
  • View configurations
  • Cannot: Edit organization settings
  • Cannot: Manage billing
  • Cannot: Manage members
  • Cannot: Deploy or stop services
  • Cannot: Shell access to applications

Custom Roles

Create tailored roles when default options are insufficient. Cluster-Level Access:
  • Read-Only: View cluster information
  • Create Environment: Deploy new environments on specific clusters
  • Full Access: Manage cluster settings and create environments
Project-Level Access (by environment type):
  • No Access: Cannot see the project
  • Read-Only: View without modification
  • Deploy: Handle deployments and logs, manage variables
  • Manage: Modify deployments and environment structure
  • Full Access: Complete project administration
Users with custom roles cannot create clusters or manage organization-wide settings like webhooks or API tokens.
Members need to logout/login to activate role changes, or changes take effect within one hour maximum.
Configure RBAC:
  1. Go to Organization SettingsMembers
  2. Click Invite Member or edit existing member
  3. Select role (default or custom)
  4. Configure project/environment access if using custom role
  5. Send invitation

Secrets Management

Qovery provides secure environment variable and secrets management for your applications.

Variable Types

Classic Variables: Standard key-value pairs accessible at build time and runtime. Secrets: Encrypted variables with values inaccessible through API or UI. Values are only available to applications during execution. File-Based Variables: Variables stored as files at a specified path. Your application accesses the file location via the variable name.

Variable Scopes

Variables operate at three hierarchical levels:
  1. Project: Shared across all environments and applications within the project
  2. Environment: Shared across all applications within one environment
  3. Application: Available to a single application only

Built-in Variables

Qovery automatically generates variables following the pattern QOVERY_<SERVICE_TYPE>_<SERVICE_ID>_<SPEC>, enabling easy service interconnection. Examples: 
# Database connection
QOVERY_DATABASE_MY_POSTGRES_HOST
QOVERY_DATABASE_MY_POSTGRES_PORT
QOVERY_DATABASE_MY_POSTGRES_USERNAME
QOVERY_DATABASE_MY_POSTGRES_PASSWORD
QOVERY_DATABASE_MY_POSTGRES_DATABASE

# Application URL
QOVERY_APPLICATION_MY_API_URL

Creating Secrets

  • Console
  • Terraform
  1. Navigate to your ApplicationVariables
  2. Click Add Variable
  3. Enter variable key
  4. Select Secret type
  5. Enter secret value
  6. Choose scope (Application, Environment, or Project)
  7. Click Save
Secret values are encrypted and cannot be viewed after creation. Only the first and last 3 characters are shown.

Doppler Integration

Doppler is a universal secrets manager that integrates with Qovery, allowing you to store and manage your application secrets in a single place and access them from anywhere.

What is Doppler?

Doppler provides:
  • Centralized secrets management
  • Team collaboration on secrets
  • Secret versioning and rollback
  • Automatic secret rotation
  • Compliance and audit trails

Setup Doppler Integration

To integrate Qovery with Doppler, follow the official Doppler documentation:

Doppler Integration Guide

Complete setup instructions for connecting Qovery with Doppler

Benefits

  • Centralized Management: Manage all secrets in one place
  • Team Collaboration: Share secrets securely with team members
  • Automatic Sync: Secrets automatically sync to Qovery
  • Audit Trail: Track who accessed and modified secrets
  • Secret Rotation: Easily rotate secrets across all environments

Audit Logs

Qovery’s audit logs enable organizations to track all actions and changes within their system.

What Gets Tracked

Qovery monitors all API calls for your organization, including:
  • Application deployments
  • Configuration changes
  • Environment modifications
  • Cluster updates
  • User management actions
  • RBAC changes
  • Secret modifications
  • API token usage

Event Details

Each logged event includes:
  • Timestamp: When the action occurred
  • Event Type: CREATE, UPDATE, DELETE, TRIGGER_DEPLOYMENT, etc.
  • Target Type: Environment, Cluster, Role, Application, Database, etc.
  • Target: The specific object modified
  • Change: High-level description of what was modified
  • User: Who made the change (or API token name if via API)
  • Tool: How the change was made (Console, Terraform, CLI, Git push)

Accessing Audit Logs

  1. Navigate to Organization Settings
  2. Click Audit Logs in the left sidebar
  3. View the list of all events
  4. Use filters to narrow down results:
    • Time range
    • Target type
    • Target name
    • Event type
  5. Click on an event to see full details including JSON response

Use Cases

  • Security Monitoring: Track unauthorized access attempts
  • Compliance: Maintain records for audits (SOC 2, GDPR, etc.)
  • Troubleshooting: Identify what changed before an incident
  • Team Accountability: Track who made specific changes
  • Change Management: Review all infrastructure modifications

Retention

Audit logs retention period depends on your Qovery plan. Export logs regularly if you need longer retention for compliance purposes.

Best Practices

Principle of Least Privilege

Grant minimum required permissions to users and services

Use Secrets for Sensitive Data

Never use plain variables for passwords, API keys, or tokens

Rotate Secrets Regularly

Change credentials and API keys quarterly or after team changes

Review Access Quarterly

Audit user permissions and remove inactive users

Monitor Audit Logs

Regularly review audit logs for suspicious activities

Use Custom Roles

Create project-specific roles for better access control

Next Steps

Configuration Reference

Learn more about organization configuration

Environment Variables

Complete guide to environment variables

Doppler Documentation

Setup Doppler integration

Observe Your Apps

Monitor security events and logs