For auditing reasons, I’m looking for a role that will allow the user to complete approval steps, but not edit the deployment process.
e.g. a project “Great Web Site” has an approval step applied only to the production environment with responsible team “Great Web Approvers”.
Team “Great Web Approvers” is configured with role “Deployment Creator” on the group that Great Web Site is in. Deployment Creator was chosen because anything higher than that seems to give process edit.
As it stands, the user sees an error instead of the approval message. I experimented with giving Deployment Creator the InterruptionViewSubmitResponsible permission, but that didn’t seem to work either.
I was thinking of creating a custom role to handle this but was scared off by the warning at the top of the add custom role page…
Is there a better way of doing this? Or do I need to create a role?