Safety Verification

How NightOps ensures your resources are managed safely and reliably.

Production Protection

NightOps uses multiple layers of protection to ensure production resources are never accidentally affected by scheduled operations.

Tag-Based Protection

NightOps only manages resources that are explicitly tagged. Resources without the nightops-managed=true tag are never touched. Additionally, you can add a nightops-production=true tag to resources that should always be protected, even if they're accidentally added to a schedule.

Schedule Validation

Before any schedule is applied, NightOps validates:

• All targeted resources have the required managed tag
• No resources have the production protection tag
• The schedule doesn't conflict with existing schedules
• The user has appropriate permissions in their cloud provider

Pre-Operation Checks

Before stopping or starting any resource, NightOps performs real-time health checks to ensure the operation is safe.

Stop Operations

Before stopping a resource, NightOps verifies:

• The resource is currently running
• No active connections or in-flight requests (where applicable)
• No pending deployments or updates
• The resource is not in a critical state

Start Operations

After starting a resource, NightOps confirms:

• The resource reaches a healthy state
• Health checks pass (if configured)
• The resource is accepting connections

Audit Logging

Every operation performed by NightOps is logged with full context, including:

• Timestamp and timezone
• Resource identifier and type
• Operation performed (stop/start)
• Schedule that triggered the operation
• User who created the schedule
• Result (success/failure) and any error details

Audit logs are retained for 90 days by default and can be exported at any time for compliance purposes.

Override & Emergency Access

Need a resource running outside its scheduled hours? NightOps provides multiple ways to override schedules:

Slack Commands

Use /nightops start <resource> to immediately start a resource, overriding its schedule until the next scheduled start time.

MCP Integration

Ask your AI assistant to start resources using the NightOps MCP integration. Perfect for development workflows where you need resources on-demand.

Dashboard

Click the "Start Now" button on any resource in the dashboard to override its schedule. You'll be notified when the resource would normally be stopped so you can extend if needed.

Permissions Model

NightOps follows the principle of least privilege. We request only the minimum permissions needed to manage your resources:

• Read access to list and describe resources
• Start/Stop permissions for the specific resource types you enable
• Tag read access to identify managed resources

We never request or use permissions for data access, deletion, or modification beyond start/stop operations.