Skip to main content

Documentation Index

Fetch the complete documentation index at: https://www.qovery.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Preview: Remote Dev Environments Portal is currently in preview. Features and capabilities are under active development and may change.
Plan requirement: The RDE Portal is available as an add-on on the Business and Enterprise plans. See Qovery Pricing for details.
Looking for the CLI-based approach? See Remote Development Environments with the CLI for managing RDEs via qovery rde commands.

Why Remote Dev Environments?

AI coding tools have turned non-technical employees into builders. Finance analysts, sales ops leads, product managers, even executives - are using tools like Lovable, Bolt.new, and Replit to build and deploy applications with company data. No ticket filed. No IT approval. No one asking where the data goes. Consider the example: your finance analyst builds a retention analysis tool connected to your production database on Lovable. She didn’t know she needed to ask IT. She just described what she wanted and the AI built it. The tool is live, connected to sensitive data, running on shared infrastructure you don’t control - and your security team has zero visibility into it. This is shadow IT. Not the spreadsheet macros of the past - deployed web applications with database access, API keys in vendor-managed servers, and no audit trail. Every one of these apps is a compliance surface your CISO can’t see.

The Problem

On external platforms, your code, API keys, and data live on shared infrastructure you don’t control. No VPC peering, no private networking, no meaningful audit trail. In regulated industries - finance, healthcare, legal - this creates compliance gaps that certifications alone can’t close.

The Solution

The RDE Portal provides the same one-click builder experience - but on your own infrastructure, under your control. SSO, pre-configured blueprints, workspace isolation, publish approvals, full audit trails. Secure by architecture, not by policy.
Banning AI builder tools doesn’t work. The business value is too real. The answer is to provide a governed platform that builders actually want to use - where the official path is faster and easier than the workaround.
For a full analysis of the enterprise risks of Lovable, Bolt.new, and Replit, read Lovable, Bolt, and Replit Are Wonderful - Until Your CISO Finds Out.

Overview

The Remote Dev Environments (RDE) Portal is a self-service web application accessible at rde.qovery.com. It lets platform engineers define blueprint environments and gives builders - engineers and non-technical team members alike - the ability to create their own isolated cloud workspaces with one click. Just log in with your Qovery account to get started. The portal includes a built-in terminal with Claude Code and OpenCode chat for AI-assisted development, live app preview with viewport switching, publish workflows for deploying to production, and git snapshots for versioning your work. Authentication is handled through your existing Qovery account - no additional signup required.

Two Approaches to RDE

CLI-Based Management

Available Now - Platform engineers use qovery rde CLI commands for full control over environment provisioning, lifecycle management, and user access. Best for teams that want programmatic or automated RDE workflows.

Self-Service Portal

Preview - A web-based UI at rde.qovery.com where builders create environments themselves. No CLI, no Kubernetes knowledge needed. Requires a Business or Enterprise plan. This is what this documentation section covers.

Key Capabilities

One-Click Workspaces

Builders pick a blueprint, click Create, and get a fully configured development environment running on your infrastructure.

Built-in AI Tools

Every workspace includes a terminal with Claude Code and an OpenCode chat panel, preconfigured and ready to use.

Live Preview

See your running application directly in the browser with viewport switching for desktop, tablet, and mobile.

Publish to Production

Submit deployment requests with subdomain selection. Admins review and approve before the app goes live.

Blueprint Access Control

Restrict which blueprints are available to which users - by email address, email domain, or open to everyone.

Portal Customization

Custom branding with your logo, colors, and portal name. Configure the welcome screen and per-blueprint layout settings.

Security Center

Monitor active connections, configure IP firewall rules, and audit all workspace access from a centralized admin panel.

Blueprint Templates

Create blueprints from a built-in template gallery with pre-configured templates for developers, data teams, marketing, sales, and finance.

Multi-Cluster Support

Route workspaces to specific Kubernetes clusters per blueprint for data residency, resource isolation, or specialized hardware requirements.

Secure by Design

The RDE Portal uses a split architecture - the portal itself (UI and API) is hosted by Qovery at rde.qovery.com, while your workspace containers run entirely on your own Kubernetes cluster. Your cluster is never exposed to the internet - Qovery agents on your cluster initiate all connections outbound via TLS/gRPC.

Your Code Stays on Your Infrastructure

Workspace containers run on your Qovery-managed Kubernetes cluster. Source code, AI conversations, and application data never leave your infrastructure. The portal orchestrates workspaces but never stores your code.

No Inbound Ports

Your cluster is never exposed to the internet. Qovery agents on your cluster initiate outbound TLS/gRPC connections to the control plane. All traffic - terminal sessions, previews, deployments - flows through this cluster-initiated tunnel.

Streamed, Not Stored

Terminal sessions and application previews are streamed in real time from your containers through the cluster-initiated tunnel to the browser. The portal relays data without persisting it. When a session ends, nothing is recorded.

Full Admin Control

Platform engineers control everything: blueprint definitions, access control rules, workspace limits, publish approvals, and AI provider configuration. Workspace containers inherit your cluster’s compliance posture (SOC 2, HIPAA, GDPR, DORA).
For a detailed breakdown of the security architecture, streaming model, token management, and network security, see the Security & Data Residency page.

How It Works

The portal follows a clear separation between admin configuration and builder usage. Admins set up the portal and register blueprints with access controls. Builders log in, create workspaces from available blueprints, develop with the built-in tools, and publish their applications.

What Is a Blueprint?

A blueprint is a pre-configured workspace template created by your platform team. Think of it as a ready-to-use work environment - the right tools, the right database connections, the right API credentials - all set up and secured. Builders don’t configure anything. They pick a blueprint, click Create, and start building. The platform team controls what each blueprint can access: which databases, which internal APIs, which credentials. That governance is invisible to the builder. From their perspective, they just pick a template and get to work. Different teams get different blueprints, scoped to what they actually need:

Finance Blueprint

Pre-connected to the analytics database. Right tools, right access. A finance analyst can build a retention dashboard without ever touching a config file - or accidentally connecting to the wrong database.

Sales Blueprint

Pre-configured with CRM credentials and the internal pipeline API. Sales ops builds their own reporting tools without filing a ticket or waiting weeks for engineering bandwidth.

Marketing Blueprint

Connected to the content management API and the analytics stack. Marketing builds campaign tools and data views without infrastructure access.

Engineering Blueprint

Full-stack development environment with databases, services, and all the tools engineers need. The same isolated, reproducible setup for every developer on the team.
Each workspace is an isolated clone of the blueprint. One builder’s workspace cannot affect another’s. Admins see every workspace, every operation, and every publish request across the organization. No shadow IT - because the official platform is faster than the workaround.

Who Is This For?

Platform Engineers / Admins

You set up and control the portal.
  • Configure your organization on rde.qovery.com
  • Register blueprint environments from existing Qovery projects
  • Configure access control rules per blueprint
  • Manage active workspaces and approve publish requests
  • Customize portal branding and layout

Builders / Developers

You build and ship applications.
  • Create workspaces from available blueprints with one click
  • Use the built-in terminal with Claude Code for AI-assisted coding
  • Chat with OpenCode directly in the workspace
  • Preview your running application in the browser
  • Publish your app to production with subdomain selection

Prerequisites

Before using the RDE Portal, make sure you have:
  • An active Qovery account on a Business or Enterprise plan with the RDE Portal add-on enabled - see Pricing
  • A running Kubernetes cluster on Qovery
  • At least one Qovery project and environment to use as a blueprint template
  • Organization admin access for initial portal configuration

Getting Started

Admin Setup

Configure your portal, register blueprints, and set up access control.

Create Your First Workspace

Spin up your first development environment in minutes.

Explore

For Admins

Manage blueprints, users, and portal settings.

For Users

Learn to use the workspace dashboard and editor.

Security & Data Residency

How the portal keeps your data on your infrastructure.

Architecture

Understand how the portal works under the hood.