Use Agentic tools (like Claude) for Heroku review app debugging



Let’s say you want to give Claude CLI (or other agentic tools) access to your Heroku review apps for easier debugging.

Claude is quite good at running bash commands and can execute heroku run commands, which allows it to run code directly inside your Heroku environment.

For example:

heroku run rails runner "Author.where(name: 'Tomas').count" -a name-of-my-review-app

This is useful because it can surface real runtime data from the review app directly into the LLM’s context, making debugging much more effective.


The security concern

What I’m not fully comfortable with is giving Claude full access to the Heroku CLI, especially anything that could potentially reach production environments.

Yes, you can instruct Claude not to touch production, but I wouldn’t bet my job on the assumption that it will never make a mistake or misinterpret a command.


A safer alternative: a restricted Heroku account

Instead, a better approach is to use a separate Heroku account with limited permissions. This account only has access to review apps — not production.

In this setup, Claude runs CLI commands using this restricted account, which significantly reduces blast radius.


Heroku’s permission model limitation

Heroku currently has only three main access levels:

  • Admin – full access to everything in the organization
  • Member – can manage deployments across the organization
  • Contributor – limited to specific apps

The problem is that while Contributor access is app-specific, it still requires manual management per application: every review app is a brand-new app, so the restricted account would have to be added to each one by hand.


The solution: dynamically granting access to review apps

The approach I’m using is to create a restricted “bot” user and programmatically grant it access to each review app as it is created.

From a machine with Admin-level Heroku CLI access:

heroku access:add tomas+bot@myapp.co.uk -a myorg-blablabla-csh0fa

To discover new review apps, list all apps in the team that owns the pipeline:

heroku apps --team=myorg

Where:

  • myorg is the Heroku pipeline / team name
  • myorg-blablabla-csh0fa is a review app name
  • tomas+bot@myapp.co.uk is the restricted bot account used by Claude

Setup overview (how this works in practice)

To make it concrete:

  • One machine (or VM) runs Claude and is logged into Heroku CLI using a restricted bot account (tomas+bot@myapp.co.uk)
  • A separate machine is logged in with Admin access

The Admin machine is responsible for:

  • Discovering new review apps in the pipeline
  • Granting the bot account access to each new review app as they’re created

So Claude never holds production credentials or a full-access Heroku login: it operates only through the restricted account, and only on the review apps that account has been explicitly granted.
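Here is what the Admin machine's side of that loop can look like as a script. This is an added example, not code from the original post: it wraps the two commands shown above (heroku apps --team and heroku access:add) with an allowlist, a denylist and a "already granted" ledger so the bot is added to each review app exactly once and never to production. The review-app naming pattern (team prefix, branch slug, six-character suffix, modelled on myorg-blablabla-csh0fa), the shape of the heroku apps text output (a "=== ..." header and an optional trailing " (region)"), and the PROTECTED_APPS names are all assumptions you should check against your own team.

```shell
#!/bin/sh
# Added example: sync script for the Admin machine that grants the restricted
# bot account access to every review app in the team. Not code from the
# original post. Assumptions: review apps are named "<team>-<branch>-<6 chars>"
# like "myorg-blablabla-csh0fa"; `heroku apps --team` prints a "=== ..." header
# and an optional trailing " (region)"; the bot is tomas+bot@myapp.co.uk.
set -eu

TEAM="${TEAM:-myorg}"
BOT_EMAIL="${BOT_EMAIL:-tomas+bot@myapp.co.uk}"
# Explicit denylist (hypothetical names): an app listed here is never granted
# to the bot, even if its name happens to match the review-app pattern.
PROTECTED_APPS="${PROTECTED_APPS:-myorg-production myorg-staging}"
# DRY_RUN=1 prints the grant commands instead of running them.
DRY_RUN="${DRY_RUN:-0}"

# Read `heroku apps --team=<team>` output on stdin and print bare app names:
# drop the "=== ..." header, blank lines and any trailing " (region)" note.
parse_app_list() {
  sed -e '/^===/d' -e '/^[[:space:]]*$/d' -e 's/[[:space:]]*([^)]*)$//'
}

# Allowlist: keep only names shaped like review apps (team prefix, branch slug,
# six-character suffix). Anything else, including production, is dropped.
select_review_apps() {
  grep -E "^${TEAM}-[a-z0-9-]+-[a-z0-9]{6}$" || true
}

# Denylist: drop apps named in PROTECTED_APPS regardless of their shape.
exclude_protected() {
  while IFS= read -r app; do
    keep=1
    for protected in $PROTECTED_APPS; do
      if [ "$app" = "$protected" ]; then keep=0; fi
    done
    if [ "$keep" = 1 ]; then printf '%s\n' "$app"; fi
  done
}

# Print only the apps on stdin that are not already listed (one per line) in
# the ledger file $1, so each review app is granted exactly once.
apps_missing_access() {
  grep -vxF -f "$1" || true
}

# Run the post's grant command for one app (or just echo it when DRY_RUN=1).
grant_access() {
  if [ "$DRY_RUN" = 1 ]; then
    printf 'heroku access:add %s -a %s\n' "$BOT_EMAIL" "$1"
  else
    heroku access:add "$BOT_EMAIL" -a "$1"
  fi
}

# Full pipeline: $1 = file holding raw `heroku apps --team` output,
# $2 = ledger file of apps the bot already has. Each app granted in this run
# is appended to the ledger so the next run skips it.
sync_bot_access() {
  parse_app_list < "$1" | select_review_apps | exclude_protected \
    | apps_missing_access "$2" | while IFS= read -r app; do
        grant_access "$app"
        printf '%s\n' "$app" >> "$2"
      done
}

# Stand-alone demo on constructed data (no Heroku CLI needed): run with --demo.
demo() {
  raw=$(mktemp); granted=$(mktemp)
  printf '=== Apps in team myorg\nmyorg-blablabla-csh0fa\nmyorg-feature-x-ab12cd (eu)\nmyorg-production\n' > "$raw"
  printf 'myorg-blablabla-csh0fa\n' > "$granted"
  DRY_RUN=1
  sync_bot_access "$raw" "$granted"   # prints one access:add, for myorg-feature-x-ab12cd
  rm -f "$raw" "$granted"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

On the Admin machine you would run it on a schedule (cron or a CI job) with the live output: heroku apps --team=myorg > apps.txt, then sync_bot_access apps.txt granted.txt. The allowlist regex and the PROTECTED_APPS denylist are deliberately both present: the pattern keeps the default behaviour safe, and the denylist catches any long-lived app whose name happens to look like a review app.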
