Restricting builds from untrusted branches, avoiding bad actors deploying to production

Hi – how do I restrict the developer accounts from being able to run builds that trigger production deployments?

That or (feature request) – can we have accounts that can view the build logs but not trigger builds via the UI?



The first thing that comes to mind is to assign roles. The “Testers/QA” role only allows the user to view builds. You can find out more information about roles at:

Another option would be to use manual approval for PR builds. Info on setting this up can be found at:

Hope this helps!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.