Role-Based Access Control in QuickInfra: Managing Cloud Permissions Across Large Teams

The most common source of production cloud incidents isn't a technical failure — it's a human with too much access doing something they shouldn't have. QuickInfra's user access model makes least-privilege access practical for real engineering teams without creating an access request bureaucracy.

The QuickInfra Permission Model

QuickInfra organises permissions around three dimensions: role (what actions can you perform), scope (which projects or resources can you act on), and environment (dev vs staging vs production). A developer might have full access to development and staging Infrastructure Projects but read-only access to production. An SRE might have full access to monitoring and Custom Scripts but cannot modify Infrastructure Project configurations.

Built-In Roles

QuickInfra ships with four built-in roles:

• Owner — full administrative access including billing and user management
• Admin — full access to all infrastructure and pipeline operations
• Developer — read/write access to projects and pipelines, cannot modify cloud account connections or user access
• Viewer — read-only access to all resources, useful for stakeholders who need visibility without the ability to change anything

Custom Roles

For organisations with more complex requirements, custom roles let you compose permission sets from individual capabilities. A "Pipeline Operator" role that can trigger and monitor CI/CD pipelines but cannot create or delete them. A "Cost Auditor" role with read access to billing dashboards and nothing else. Custom roles are defined once and assigned to any number of users.

User Invitations and Onboarding

Go to Users → User List → Invite User. Enter the email address, select the role, and optionally scope the access to specific projects or cloud accounts. The invited user receives an email with a signup link. There are no shared passwords, no access key sharing — every user has their own authenticated session with clearly defined permissions.

Access Reviews

The User Access view shows every user in your organisation alongside their current role assignments, last login date, and any project-specific access scopes. SOC 2 and ISO 27001 require periodic access reviews — typically quarterly — to verify that access is still appropriate. QuickInfra's User Access view gives you the data you need for this review in one place.

Audit Logging

Every action performed by every user in QuickInfra is logged with a full audit trail: who did what, when, on which resource, and with what result. Audit logs are immutable and retained per your organisation's retention policy.