Magento Ops Monitor
Security

Tenant-safe monitoring with explicit access boundaries

Ops Monitor enforces organization scope, role checks, and feature gates before sensitive operations.

Org isolation + RBAC

  • Organization context is resolved before data queries.
  • Member/admin/billing/owner checks gate write actions.
  • Superadmin access is explicit and auditable.

Ingest key handling

  • Store API keys are hashed at rest.
  • Raw keys are shown once on creation or rotation.
  • Revoked keys are denied immediately.

Alert and email safeguards

  • Quiet hours and maintenance suppression reduce noisy wake-ups.
  • Alert events keep an auditable sent/suppressed trail.
  • Email delivery supports simulation mode for safe testing.

Least-privilege data model

  • Operational telemetry is prioritized over customer PII collection.
  • Synthetic checks only persist health and timing outcomes.
  • Marketing tracking stores hashed IP values, not raw addresses.