Have seperation of duties in the roles so that production pipeline execution can be limited to Program or Business owner roles.
Use-case:
As per https://experienceleague.adobe.com/docs/experience-manager-cloud-manager/using/requirements/role-bas... , anyone in the roles Business owner, Program Manager or Deployment Manager can start / approve the production pipeline execution in Cloud Manager. It would be a very beneficial control to have settings limiting production approval to business or program roles as this will allow a more stricter approval workflow to help regulate production pipelines . A deployment manager role that manages all the day to day environment deployments that doesn’t have to go through a business approval makes sense for lower environments. But for production it would be great if this was limited to a Business owner or Program manager.
Current/Experienced Behavior:
All 3 roles Business owner, Program Manager or Deployment Manager can schedule and approve deployment to production.
Improved/Expected Behavior:
For production it would be great if approval was limited to Business owner or Program manager role.
Environment Details (AEM version/service pack, any other specifics if applicable):
There is already an enhancement request - internal reference CMGR-18047 - opened at the engineering level to have a better access management on Cloud Manager profiles, including the request to restrict the approval to Business Owner for example
Let me know if you have other question about the same