Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
Describe the user story
We are trying to use policies to serve as a warning. Basically if plan detects a destroy, then user must approve_policy IF a destroy is detected as a measure of acknowledgement that the user knows there's a destroy, then is able to run apply. The issue is the owners functionality is limited because we cannot add GH teams from different orgs, it must be in the same org that the Atlantis is running, while also we have hundreds of users, so adding a static list is a bit cumbersome to manage.
Describe the solution you'd like
We would like an anonymous_approval (or something along those lines) flag to the policy_sets that would allow anyone to approve. Or even better, support regex for team/user names list
Describe alternatives you've considered
we've considered creating a dedicated GH team, with all users, and also dynamically creating a static user list, but I think adding an anonymous_approval flag would be a much cleaner solution.
Community Note
Describe the user story We are trying to use policies to serve as a warning. Basically if plan detects a destroy, then user must
approve_policyIF a destroy is detected as a measure of acknowledgement that the user knows there's a destroy, then is able to runapply. The issue is theownersfunctionality is limited because we cannot add GH teams from different orgs, it must be in the same org that the Atlantis is running, while also we have hundreds of users, so adding a static list is a bit cumbersome to manage.Describe the solution you'd like We would like an
anonymous_approval(or something along those lines) flag to thepolicy_setsthat would allow anyone to approve. Or even better, support regex for team/user names listDescribe alternatives you've considered we've considered creating a dedicated GH team, with all users, and also dynamically creating a static user list, but I think adding an
anonymous_approvalflag would be a much cleaner solution.