Skip to main content
Version: 3.0.0

Environment

Overview

In Ascend, Environments are used to manage and isolate resources for different stages of the Software Development Lifecycle (SDLC). Each Environment contains resources specific to that stage, and also allows you to configure specific security boundaries for resources external to Ascend, like any User-managed Vaults you may be connecting to.

Environment Settings Page

Within Ascend, you can choose how to configure your Environments. In most cases, you will want to configure your Environments as follows:

  • Development (dev): Used for building and testing new features or changes. This Environment is the most flexible and is often used by developers to experiment, test code, and make adjustments without impacting live operations.

  • Staging (stage): Mirrors the production setup and is used for final testing and validation before deploying changes live. It helps catch issues that might not be visible in development but could affect production.

  • Production (prod): The live Environment where actual data processing occurs and final outputs are generated. This Environment is tightly controlled to ensure stability, performance, and reliability.

Key Features

Environment Identity

For each Environment, Ascend provides a Service Account or Service Principal you authorize to access resources in the your cloud account. These identities are available for AWS, Azure, and GCP. You can manage the resources accessed by each Environment through these Environment identities, allowing for explicit separation between development, staging, and production resources.

An example of this is if you are setting up an User-Managed Vault in your Environment. You would grant the Ascend identity access to the Vault in your chosen cloud provider. When Ascend needs to access secrets at runtime, Ascend will assume the Environment identity to access the Vault and retrieve the secret.

Vaults

  1. Environment Vaults: Environment Vaults are vaults that are managed by Ascend and are created alongside your Environment.

  2. User-Managed Vaults: You can also choose to manage your own User-Managed Vault by granting the Ascend identity access to a Vault in your cloud provider.

Workspaces and Deployments

Workspaces and Deployments are launched in a specific Environment, and cannot be moved to another Environment once they are created. Typically, you will launch Workspaces in your Development Environment, as that is the where you will build out your Ascend Flows. Deployments are typically launched in higher-level Environments, like Staging and Production, as these Environments are for either testing changes, or for running live Flows.

In rare cases, you can launch a Workspace in a Staging or Production Environment to make hotfixes or quick changes. However, it is generally recommended to follow the steps of the Software Development Lifecycle and promote changes from Development to Staging to Production.

Last updated on