Have seperation of duties in the roles so that production pipeline execution can be limited to Program or Business owner roles.
As per https://experienceleague.adobe.com/docs/experience-manager-cloud-manager/using/requirements/role-bas... , anyone in the roles Business owner, Program Manager or Deployment Manager can start / approve the production pipeline execution in Cloud Manager. It would be a very beneficial control to have settings limiting production approval to business or program roles as this will allow a more stricter approval workflow to help regulate production pipelines . A deployment manager role that manages all the day to day environment deployments that doesn’t have to go through a business approval makes sense for lower environments. But for production it would be great if this was limited to a Business owner or Program manager.
All 3 roles Business owner, Program Manager or Deployment Manager can schedule and approve deployment to production.
For production it would be great if approval was limited to Business owner or Program manager role.
Environment Details (AEM version/service pack, any other specifics if applicable):