Policy Approvals via GitHub PR

Add PR reviewer/approvers into Plan policies.

Our use case is that we want certain resources to be approved by specific teams before merging into main (i.e. IAM). This then allows us to grant broader access to teams and allows for more readable Terraform.

This way we can have a policy that was failing now pass, as it was approved by the right team, and until it is approved in the PR step it blocks the merge.

Workaround

Using code owners and specific paths for certain resources.

Problem

Our use case is that certain teams own the approval of certain changes (IAM, Firewall, DB, etc.), and currently we have to break the code up a bunch for code owners or require too many approvals for changes. The goal is to allow teams to do things that don't need approval, or grant us the ability to create exceptions where needed: a user creates a PR -> a plan policy says this needs FOO to review -> a notification adds them to the PR as a needed reviewer -> FOO approves -> the plan policy now passes as FOO has approved.

Status: 🔭 Discovery

Board: 💡 Feature Requests

Date: 3 months ago

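The flow requested in the post above (a plan policy demands a team's review, that team approves in the PR, the policy then passes), sketched as an added example that is not part of the original post or of any product's code. The rule table, team names, user names and sample data are assumptions constructed for illustration; the input shapes follow Terraform's plan JSON (`resource_changes`) and GitHub's review states.

```python
# Added example: hypothetical rule table, team names and sample data (all constructed).
REQUIRED_TEAM_BY_PREFIX = {          # resource-type prefix -> owning team (assumed)
    "aws_iam_": "security-iam",
    "aws_security_group": "network-firewall",
    "aws_db_": "database",
}

def teams_required(plan):
    """Teams that must approve, derived from Terraform plan JSON resource_changes."""
    needed = set()
    for rc in plan.get("resource_changes", []):
        actions = set(rc.get("change", {}).get("actions", []))
        if actions <= {"no-op", "read"}:      # nothing is being changed
            continue
        for prefix, team in REQUIRED_TEAM_BY_PREFIX.items():
            if rc.get("type", "").startswith(prefix):
                needed.add(team)
    return needed

def approving_users(reviews, author):
    """Latest review per user wins; the PR author cannot approve their own change."""
    latest = {}
    for r in reviews:                          # reviews are in chronological order
        if r["state"] in ("APPROVED", "CHANGES_REQUESTED", "DISMISSED"):
            latest[r["user"]] = r["state"]
    return {u for u, s in latest.items() if s == "APPROVED" and u != author}

def evaluate(plan, reviews, author, team_members):
    """Return (passes, missing_teams); missing teams are the reviewers to request."""
    approvers = approving_users(reviews, author)
    missing = {t for t in teams_required(plan)
               if not approvers & set(team_members.get(t, []))}
    return (not missing, sorted(missing))

# Constructed sample input
PLAN = {"resource_changes": [
    {"type": "aws_iam_role", "change": {"actions": ["create"]}},
    {"type": "aws_s3_bucket", "change": {"actions": ["update"]}},
    {"type": "aws_db_instance", "change": {"actions": ["no-op"]}},
]}
TEAMS = {"security-iam": ["foo-alice", "foo-bob"], "database": ["dba-carol"]}

if __name__ == "__main__":
    print(evaluate(PLAN, [], "dev-dave", TEAMS))
    print(evaluate(PLAN, [{"user": "foo-alice", "state": "APPROVED"}], "dev-dave", TEAMS))
```

The `missing_teams` list is what a notification step would use to request reviewers; re-running `evaluate` after each review event lets the check flip from blocking to passing.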