Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

Permissioning for Bitbucket manual pipelines/deployments

Daniel Whatmuff
Daniel Whatmuff Feb 06, 2018

I would like to create manually triggered pipelines and add permissioning to them.

e.g. manual pipeline "deploy-to-prod" can only be triggered by users in group "Deployers".

The same thing for deployments - some users can deploy to dev/QA but only admins can deploy to prod.

Answer
Watch
Like Be the first to like this
2070 views

1 answer

2 votes
SebC
SebC Atlassian Team Feb 06, 2018

Hey @Daniel Whatmuff,

Pipelines permissions are tightly coupled to the repository permissions to keep things simple. Anyone who can write to your repository can trigger new pipelines (much as committing to a branch triggers a pipeline.)

If more granular permissions are something you think is valuable, please add a comment and watch https://bitbucket.org/site/master/issues/13676/ability-to-restrict-who-can-run-deployment which we are using to track customer feedback.

thanks,

Seb

View More Comments
Jonathan McCutchan
Jonathan McCutchan Feb 27, 2020

@SebC 

Currently, deployments only allows deployment permissions at the admin level.  SOX compliance requires us to have the employee that merges the code and the employee that deploys the code be different.

Branch permissions allow for assignment of a group to be able to merge to a branch, but deployments can only be configured to admins.  What this results in is our deployment manager having to be an admin of the repository to be able to lock down production deployments.  The issue with this is that if our deployment manager is an admin of the repository, he also has access to merge, or at least could grant himself access to merge since he's an admin.

 

The feature request, if there isn't an alternative that you can think of, or current work-around, would be to allow deployment permissions to be assigned to a user group.

 

Let me know if you have any questions or if there's something already in place that I'm not aware.

 

Thanks

Like
Like
Shelly thakur
Shelly thakur Jun 23, 2020

Facing the same issue. Any updates?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
Community showcase
Cathy Liu
Cathy Liu
Published in Bitbucket

⭐ Calling all Bitbucket and DevOps experts: Special showcase opportunity ⭐

Hi, Bitbucket community! Are you a DevOps practitioner (or know one in your network)? Do you have DevOps tips, tricks, or learnings you'd like to share with the community? If so, we'd love to hea...

1,440 views 4 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you