Access & Ownership
Who holds the keys to each account, and where credentials live. The goal: no single point of human failure — every critical account should have at least two people who can get in.
🔒
Credentials never go in this handbook. This page records who has access and which password-manager vault holds the login — never the password, key, or seed itself.
Account ownership
| Account | Primary owner | Backup owner | Credentials live in | MFA recovery held by |
|---|---|---|---|---|
| GoDaddy (domains) | TODO | TODO | TODO | TODO |
Squarespace (hellobellocdn.com) | TODO | TODO | TODO | TODO |
| Cloudflare (DNS/CDN/Access) | TODO | TODO | TODO | TODO |
| Vercel | TODO | TODO | TODO | TODO |
| Render | TODO | TODO | TODO | TODO |
| AWS | TODO | TODO | TODO | TODO |
| Shopify | TODO | TODO | TODO | TODO |
| Recharge | TODO | TODO | TODO | TODO |
| Braintree / Stripe | TODO | TODO | TODO | TODO |
GitHub org (launched-la) | TODO | TODO | TODO | TODO |
| …every vendor in Subscriptions | TODO | TODO | TODO | TODO |
Who can read this handbook
Access to this site is controlled by Cloudflare Access (see the repo’s SETUP.md). People are
added by email — they do not need a GitHub account or repo access.
| Person | Role | Added |
|---|---|---|
| TODO | TODO | TODO |
📝
TODO: as you grant Access to the DTC director, PM, etc., log them here so the access list is itself documented and auditable. Review this list quarterly and on every offboarding.