Managed Services infrastructure

These pages contain generated operational guidance for the infrastructure of the 13 Managed Services Platform (MSP) services (across 20 environments) currently in operation at Sourcegraph. This includes information about each service, configured environments, Entitle requests, common tasks, monitoring, custom documentation provided by service operators, and so on. In addition to service-specific guidance, General guidance is also available.

MSP is owned by Core Services, but individual teams are responsible for the services they operate on the platform.

Services are defined in sourcegraph/managed-services, though service source code may live elsewhere.

Customer Support

Managed Services Platform services owned by Customer Support:


Managed Services Platform services owned by cloud:


Managed Services Platform services owned by cody-plg:


Managed Services Platform services owned by cody-services:


Managed Services Platform services owned by cody-strat:


Managed Services Platform services owned by core-services:


Managed Services Platform services owned by dev-experience:


Managed Services Platform services owned by security:

General guidance

Infrastructure access

For MSP service environments other than category: test, access needs to be requested through Entitle. Test environments are placed in the “Engineering Projects” GCP folder, which should have access granted to engineers by default.

Entitle access to a production MSP project is generally provisioned through the mspServiceReader and mspServiceEditor custom GCP roles, which provide read-only and editing access respectively. Convenience links for requesting these roles are available in the per-service operation pages above, based on each environment.

You can also choose to request access to an individual project in Entitle by following these steps:

  • Go to and select Specific Permission
  • Fill out the following:
    • Integration: GCP Production Projects
    • Resource types: Project
    • Resource: name of MSP project you are interested in
    • Role: mspServiceReader (or mspServiceEditor if you need additional privileges - use with care!)
    • Duration: choose your own adventure!

The custom roles used for MSP infrastructure access are configured in sourcegraph/infrastructure.

Terraform Cloud access

Terraform Cloud (TFC) workspaces for MSP can be found using the msp workspace tag.

To gain access to MSP project TFC workspaces, log in to Terraform Cloud and then request membership to the Managed Services Platform Operators TFC team via Entitle. This TFC team has access to all MSP workspaces, and is configured here.

Note that you must log in to Terraform Cloud before making your Entitle request. If you make your Entitle request, then log in, you will be removed from any team memberships granted through Entitle by Terraform Cloud’s SSO implementation.

For more details, also see creating and configuring services.