Role-Based Manual Approval

Learn how role-based manual approvals in Armory Continuous Deployment-as-a-Service can enforce your SDLC’s approval processes.

Overview of role-based manual approval in Armory CD-as-a-Service

You can use role-based manual approvals to enforce approval processes within your SDLC. For example, if a release manager must provide a signoff before production deployment, you can create a “Release Managers” role and configure a manual approval to require approval by that role.

Before you begin

How role-based manual approval works

Any manual approval can be role-based. In your deployment manifest, you add a requiresRoles field to specify which roles can issue the approval.

...
pause:
  untilApproved: true
  requiresRoles: []
...
  • requiresRoles: list of RBAC roles

    • The list must have at least one entry.
    • Omitting this field means that any user with access to the deployment can issue the approval.

Rules

  • Users assigned any of the roles in the list can issue the approval. The Approve button is disabled if the user doesn’t have the correct role.
  • Users assigned the Organization Admin role can issue an approval in any deployment regardless of tenant.
  • Users assigned a Tenant Admin role can issue an approval in any deployment in their specific tenant.

What’s next


Last modified December 27, 2022: (4e05ffa)