Hedgehog Documentation

Preventing Deployment to Restricted Servers

  • Last Modified: 2019-07-17

Because a deployment plan can reference a server by name, users who have permission to edit a deployment plan could easily reference a restricted server (such as production), thus defeating any deployment restriction policies. To prevent this, you can elect to "restrict deployments" to that server.

At runtime, when a restricted server is requested, if the server is not associated with the targeted environment (or, if no environment was specified on the pipeline target), then a runtime error will occur. This allows you to grant a wide array of permissions while keeping narrow restrictions, such as:

  • permission to edit plans, pipelines, and deploy packages
  • restriction to deploy packages to production

This can be unexpected and frustrating behavior, and we generally don’t recommend it except for when there’s a need for restricted servers.

Is this documentation incorrect or incomplete? Help us by contributing!

This documentation is licensed under CC-BY-SA-4.0 and stored in GitHub.

Generated from commit ce197caa on master