Restrict stop and delete actions on environments while retaining ability to deploy

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Summary

It's possible for users with the Developer role or higher to deploy to an environment. This is desirable, however we'd also like to retain this ability while simultaneously restricting the ability for the same users to stop or delete the environment.

Current behavior

The closest available possibility is to use protected environments with deployment-only access, but this means the users would need to have the Reporter role, not the Developer role. The Reporter role however, may be too restrictive for some customer use cases.

What is the desired behavior?

Allow a way for Developer users to deploy to environments, while also restricting their ability to stop or delete them.