CircleCI Ideas

Access Control and Logging around Workflow approval steps

As a user, I want to use CircleCI's workflow approval step as a "sign off" for continuous deployments to production. This necessitates approval from certain parties within the organisation (such as approval of a Terraform plan created in a previous step, before applying it).

This only becomes viable in compliance- and security-heavy environments if there is full traceability and access control around these decisions.

  • Guest
  • Apr 11 2019
  • New
  • Guest commented
    25 Mar 08:27pm

    One can see who approved a step in the UI, but it is literally just the user's avatar icon attached to the approval step. No other information is available, and an avatar picture isn't a traceable solution here. There needs to be downloadable logs and/or API access to pull the logs or events so they can be ingested into auditing or security tools.