Using multiple Environments makes it easy to restrict users to specific Apps or Databases.
The Environments a given user has access to is determined by their Roles.
Broadly speaking, two levels of access can be granted to Users through Custom Aptible Deploy Roles on a per-Environments basis (these permissions are configured in the Dashboard):
Manage Access provides Users with full read and write permissions on all resources in a particular Environment.
Read access provides Users with read-only access to all resources in an Environment, including App configuration and Database credentials.
Users with read access are not allowed to make any changes, or create Ephemeral SSH Sessions or Database Tunnels.