dFlow splits security into two ideas: how the control plane reaches your compute, and who in your Organisation can use the dashboard.

Control plane to Worker Nodes

The dashboard stores SSH keys and, for linked cloud accounts, security groups so dFlow can provision and manage Worker Nodes. Those live under Security in your Organisation (SSH Keys and Security Groups tabs).

• SSH keys for SSH access to self-hosted or cloud servers.
• Security groups for inbound and outbound rules on supported providers (for example AWS) when you use cloud-backed nodes.

Who can do what in the dashboard

Every member belongs to one Organisation (tenant) at a time in the UI context, with a role that maps to granular permissions (RBAC). Invites, member lists, and Role Management sit under Workspace → Team (Team Members).

• Tenant access model for how Organisation boundaries and roles fit together.
• Roles and permissions for the permission collections and limits.
• Invites and team members for onboarding people.

Hardening and when things break

• Security best practices for SSH, cloud rules, roles, and secrets habits.
• Security troubleshooting for common access and connectivity failures.

Related

• Organisations and tenants (Core Concepts)
• Compute and Worker Node issues (Troubleshooting)