Permissions and Security Setup | Bondar Academy

Lesson Summary

This lesson focuses on configuring cloud code modes to enhance security and manage permissions effectively. There are two modes: Conservative Mode: Prompts for permission before using certain tools. You can create an allow list to prevent repeated prompts. Auto Mode: Operates autonomously without prompts, which can lead to potential risks if undesirable commands are executed. To mitigate risks, you can create a deny list in your configuration. This deny list can be managed at both the project level and user level , providing protection across all projects on your computer. Configuration Steps In the Bonder Academy LMS project, the configuration file is local.json . The user settings file is located at: user/art/Bonder/cloud/settings.json Key configurations in the deny list include: Preventing pushes to the main or master branch. Disallowing git reset commands. Restricting access to .env files to protect sensitive information. Important Note: While the deny list provides some protection, it does not guarantee complete security against all access to sensitive data. It is recommended to use secret managers or password managers to store sensitive information securely. For sensitive areas of your application, you can ask the cloud to help brainstorm commands to add to the deny list, ensuring better management of your environment. Stay secure, and see you in the next lesson!