Hiding variables

I’m deploying a web app into DEV, TEST and PROD environments. One of the variables on the Octopus server holds the appPool user and password.

It makes sense for developers to edit this value within DEV, but they should not be able to see the values for TEST or PROD etc.

It looks like the permissions defined within Octopus allow “variables - view” to be scoped to Project, but not environment…

Can we add this to the to do this? or is there a better way around this problem.

We are having a similar issue.

We need to secure the access to variables at environment level and currently although it looks possible to do so, environment is an available scope option for allowing and denying the viewing and editing of variable, it currently does not work.

We are using Octo.exe within TeamCity to create releases in our dev environment and we need to ensure that the user we use for that is unable to deploy to other environments including viewing or editing variables.

Me again. Three years later and it turns out this is possible through Teams and Roles.