Skip to content

Profiles overview

Profiles bundle configuration defaults for environments, tenants, and applications so platform teams can apply consistent policies with minimal manual effort. Each profile defines resource limits, access controls, and automation hooks that downstream apps inherit.

Profile types

  • Environment profiles set baseline infrastructure sizes, regional placement, and network guardrails.
  • Access profiles align roles, entitlements, and SSO mappings for tenant administrators and service accounts.
  • Automation profiles bind pipelines, observability dashboards, and backup routines to workload classes.

Compose these profiles to match your organizational hierarchy, then assign them to deployments during provisioning.

Lifecycle management

Profiles follow a versioned lifecycle:

  1. Draft new revisions in a staging project and validate against non-production environments.
  2. Promote the revision by tagging it as stable once validation passes.
  3. Deprecate older revisions after dependent deployments upgrade or reach end of support.

Track profile changes in Git so audits capture the rationale behind each revision.

  • opsflowctl profile list shows available profiles and current revision tags.
  • opsflowctl profile diff <profile> --from <rev1> --to <rev2> highlights configuration changes.
  • opsflowctl profile apply <profile> --target <deployment> enforces the selected revision across environments.