Enterprise Patterns¶
Best practices for using Claude Code in team and enterprise environments.
What You'll Learn¶
- Team configuration strategies
- Shared commands and settings
- Security considerations
- Workflow standardization
Team Configuration¶
Shared Project Settings¶
Store team-wide settings in .claude/settings.json:
{
"model": "claude-sonnet-4-20250514",
"permissions": {
"allowedTools": ["Read", "Edit", "Write", "Glob", "Grep", "Bash"],
"deniedPaths": ["**/secrets/**", "**/.env*", "**/credentials*"]
},
"hooks": {
"pre-tool-use": [
{
"matcher": "Edit",
"command": "npm run lint:check"
}
]
}
}
Commit this file to share with the team.
User Overrides¶
Individual developers can override in ~/.claude/settings.json:
User settings merge with project settings; project security rules take precedence.
Shared Slash Commands¶
Project Commands¶
Create team commands in .claude/commands/:
.claude/commands/
├── review.md # Code review checklist
├── deploy-check.md # Pre-deployment validation
├── onboard.md # New developer guide
└── debug.md # Team debugging process
Standard Commands¶
review.md - Team code review:
Review this code change following our team standards:
## Checklist
1. **Correctness** - Does it work as intended?
2. **Security** - OWASP top 10, input validation, secrets
3. **Performance** - N+1 queries, unnecessary computation
4. **Tests** - Coverage, edge cases, integration tests
5. **Style** - Matches our conventions in CONTRIBUTING.md
## Required
- All new functions have JSDoc
- Error handling follows our patterns
- No console.log (use logger)
- No hardcoded values (use config)
Report issues by file and line number.
deploy-check.md - Pre-deployment:
Perform pre-deployment validation:
1. Check for console.log statements
2. Verify no TODO/FIXME in changed files
3. Ensure all tests pass
4. Check for uncommitted changes
5. Verify environment variables are documented
6. Check for breaking API changes
Report any blockers.
Security Practices¶
Protected Paths¶
Prevent Claude from accessing sensitive files:
{
"permissions": {
"deniedPaths": [
"**/.env*",
"**/secrets/**",
"**/credentials*",
"**/*.pem",
"**/*.key",
"**/config/production*"
]
}
}
Audit Logging¶
Log all Claude operations:
{
"hooks": {
"post-tool-use": [
{
"matcher": "*",
"command": "/opt/scripts/log-claude-operation.sh"
}
]
}
}
#!/bin/bash
# /opt/scripts/log-claude-operation.sh
LOG_DIR="/var/log/claude-code"
LOG_FILE="$LOG_DIR/operations-$(date +%Y-%m-%d).log"
mkdir -p "$LOG_DIR"
echo "$(date -u +"%Y-%m-%dT%H:%M:%SZ") | $USER | $CLAUDE_TOOL_NAME | $CLAUDE_TOOL_ARGS" >> "$LOG_FILE"
Sensitive Operation Alerts¶
{
"hooks": {
"pre-tool-use": [
{
"matcher": "Bash:*rm*",
"command": "/opt/scripts/alert-destructive.sh"
},
{
"matcher": "Edit:**/database/**",
"command": "/opt/scripts/alert-db-change.sh"
}
]
}
}
Workflow Standardization¶
CLAUDE.md for Context¶
Every project should have a CLAUDE.md:
# CLAUDE.md
This file provides guidance to Claude Code when working with this repository.
## Build Commands
- `npm run build` - Production build
- `npm run dev` - Development server
- `npm test` - Run all tests
- `npm run lint` - Lint and format
## Architecture
- Express backend in /server
- React frontend in /client
- PostgreSQL for data persistence
- Redis for caching
## Key Patterns
- Services in /server/services handle business logic
- Controllers in /server/controllers handle HTTP
- All database access through /server/repositories
## Team Conventions
- Use functional components with hooks
- API responses use { data, error, meta } format
- Errors extend BaseError class
- Tests alongside source files (*.test.ts)
Standard Development Workflow¶
## Development Process
1. Create feature branch from main
2. Make changes with Claude Code
3. Run `/review` before committing
4. Run `/deploy-check` before PR
5. Create PR with Claude's help
MCP for Enterprise Tools¶
Internal APIs¶
Connect Claude to internal services:
{
"mcpServers": {
"internal-api": {
"command": "node",
"args": ["/opt/mcp/internal-api-server.js"],
"env": {
"API_URL": "${INTERNAL_API_URL}",
"API_TOKEN": "${INTERNAL_API_TOKEN}"
}
}
}
}
Documentation Search¶
Connect to internal documentation:
{
"mcpServers": {
"docs": {
"command": "node",
"args": ["/opt/mcp/docs-server.js"],
"env": {
"DOCS_INDEX_PATH": "/data/docs-index"
}
}
}
}
Cost Management¶
Model Selection¶
Use appropriate models for different tasks:
{
"defaultModel": "claude-haiku-3-5-20241022",
"modelOverrides": {
"complex-analysis": "claude-sonnet-4-20250514",
"simple-edits": "claude-haiku-3-5-20241022"
}
}
Context Management¶
Keep conversations compact:
Rate Limiting¶
Implement team-wide rate limiting:
#!/bin/bash
# Rate limit check hook
RATE_FILE="/tmp/claude-rate-$(whoami)"
NOW=$(date +%s)
WINDOW=3600 # 1 hour
MAX_CALLS=100
# Clean old entries
if [ -f "$RATE_FILE" ]; then
awk -v now="$NOW" -v window="$WINDOW" '$1 > now - window' "$RATE_FILE" > "$RATE_FILE.tmp"
mv "$RATE_FILE.tmp" "$RATE_FILE"
fi
# Count calls
COUNT=$(wc -l < "$RATE_FILE" 2>/dev/null || echo 0)
if [ "$COUNT" -ge "$MAX_CALLS" ]; then
echo "Rate limit exceeded. Please wait before making more requests."
exit 1
fi
echo "$NOW" >> "$RATE_FILE"
exit 0
Team Onboarding¶
Onboarding Command¶
.claude/commands/onboard.md:
Welcome to the team! Let me help you get oriented.
1. **Project Overview**
- Explain what this project does
- Describe the tech stack
- Show the directory structure
2. **Key Files**
- Point out the most important files to understand
- Explain the entry points
3. **Development Setup**
- What to install
- How to run locally
- How to run tests
4. **Team Patterns**
- Our coding conventions
- Common patterns used
- Things to avoid
5. **Getting Help**
- Where to find documentation
- Who to ask for help
- Useful slash commands
Start by exploring the codebase, then present this information clearly.
Incident Response¶
Debug Command for Production¶
.claude/commands/incident.md:
Production incident response mode.
Given: $ARGUMENTS
1. **Gather Context**
- Check recent deployments
- Review related logs (if accessible)
- Identify affected components
2. **Hypothesize**
- What could cause this behavior?
- What changed recently?
- Are there similar past incidents?
3. **Investigation Plan**
- What files should we examine?
- What data would help?
- What can we safely check?
4. **Mitigation Options**
- Quick fixes available?
- Rollback possible?
- Feature flags to disable?
Be systematic and document findings.
Try It Yourself¶
Exercise: Team Setup¶
-
Create a complete
.claude/directory structure: -
Configure appropriate security rules
- Create commands matching your team's workflow
- Document in CLAUDE.md
Exercise: Audit System¶
- Create a logging hook that records all operations
- Build a script to summarize daily activity
- Set up alerts for sensitive operations
What's Next?¶
Optimize Claude Code performance in 03-performance.
Summary:
- Share settings and commands via .claude/ in version control
- Protect sensitive files with deniedPaths
- Log operations for auditing
- Standardize workflows with CLAUDE.md and slash commands
- Connect to enterprise tools via MCP
- Manage costs with model selection and context compaction
Learning Resources¶
Featured Video¶
Edmund Yong: 800+ Hours Claude Code - Enterprise (Popular tech channel)
Enterprise patterns for team configuration, security controls, and workflow standardization.
Additional Resources¶
| Type | Resource | Description |
|---|---|---|
| 🎬 Video | Software Design Patterns | Enterprise architecture patterns |
| 📚 Official Docs | Settings Guide | Team configuration documentation |
| 📖 Tutorial | Best Practices | Enterprise patterns from Anthropic |
| 🎓 Free Course | Command Suite | Team workflow templates |
| 💼 Commercial | Enterprise Copilot Guide | Microsoft enterprise patterns |