Managing a single database has its challenges. Managing a fleet of them—spread across different cloud providers, powering various microservices, and serving multiple environments—is a monumental task, especially when it comes to security. Credential sprawl, inconsistent permissions, and a fragmented audit trail can leave your most critical data assets vulnerable.
This is where the paradigm of "database as code" becomes a security game-changer. By treating your data infrastructure as a programmable service, you can enforce security policies systematically and gain unprecedented visibility. The databases.do agent is designed for this exact purpose, providing a centralized control plane to secure your entire database fleet.
This post will explore how you can leverage databases.do and the .do Agentic Workflow Platform to implement robust, centralized access control and a unified auditing system for your multi-cloud data fleet.
As organizations scale, their data infrastructure often grows organically. This can lead to a complex and fragmented security landscape with several common pain points:
The databases.do agent transforms this chaos into order by acting as a single, secure gateway for all database fleet operations. Instead of interacting directly with each cloud provider's API, your teams and services interact with the unified databases.do API.
As our documentation states:
"All interactions are secured through the .do platform's centralized authentication and authorization. You can define fine-grained policies to control which users or services have the permission to list, create, or destroy database instances within your fleet."
This approach fundamentally changes how you manage data fleet security.
With databases.do, your services no longer need direct, long-lived credentials for the underlying cloud platforms. They only need to authenticate with the .do platform. The agent handles the secure interaction with the respective cloud provider APIs on your behalf.
This means you can issue short-lived, narrowly-scoped tokens for your CI/CD pipelines or microservices to perform specific actions, like provisioning a new test database, without ever exposing the master cloud credentials.
The .do platform allows you to define powerful, fine-grained access policies as code. These policies are centralized and apply across your entire fleet, regardless of the cloud provider or database type.
Imagine defining a policy that states:
Because these policies are code, they can be version-controlled in Git, peer-reviewed, and deployed automatically, ensuring a consistent and auditable security posture.
Every action performed through the databases.do agent—whether it's listing instances, provisioning a new cluster, or deleting an old one—is logged in a centralized, immutable audit trail.
This turns complex security forensics into a simple query. Want to know who has modified your fleet in the last 24 hours? A single API call to the .do logging service gives you the answer. This unified log provides a clear, chronological record of every change, who made it, and when it happened, satisfying compliance requirements and simplifying incident response.
Let's see how this Ccntralized security model improves common workflows.
Secure Provisioning via CI/CD:
Your continuous integration pipeline needs to spin up a preview database for a pull request. Instead of embedding AWS credentials in your pipeline, you provide a .do API token with a policy that only allows it to create and destroy databases tagged with env:preview.
import { Do } from '@do-sdk/core';
// Initialize with a narrowly-scoped token from the CI/CD environment
const ado = new Do({ authToken: process.env.DO_PREVIEW_TOKEN });
const myDatabases = ado.use('databases.do');
// Provision a new database for the PR
const previewDb = await myDatabases.create({
type: 'postgres',
provider: 'aws',
region: 'us-west-2',
plan: 'db.t3.micro',
tags: { env: 'preview', pr: '123' }
});
console.log(`Successfully created preview database: ${previewDb.id}`);
The DO_PREVIEW_TOKEN has just enough permission to do its job and nothing more. The underlying cloud credentials are never exposed to the build agent.
Automated Teardown and Cleanup:
When the pull request is merged or closed, another automated workflow can call myDatabases.destroy(previewDb.id). The action is permitted by the same policy and is logged in the central audit trail.
Adopting a "database as code" approach with databases.do is about more than just automation; it's about embedding security into the very fabric of your data infrastructure management.
By centralizing access control and auditing through a single control plane, you dramatically reduce your security risk. You eliminate credential sprawl, enforce the principle of least privilege consistently across a multi-cloud environment, and gain a complete, unified view of all activity across your data fleet.
Ready to tame your data fleet and centralize its security? Explore the databases.do agent and start building secure, auditable, and powerful agentic workflows for your data infrastructure today.