Roles in Silverstripe Cloud are used to ensure a good workflow exists between a web team and their customer. They restrict access to certain parts of the infrastructure and permit only selected users to perform some actions, such as deployment to production or accessing production data.
Roles are structured in a hierarchy, with permissions being inherited upwards from a Team Member up to Stack Manager. A Stack Manager can give team members more permissions on the Stack Team page. For example, a Stack Manager could provide a team member permission to deploy to production or access production snapshots.
Non-trivial requests that come at a financial cost or pose an outage risk to the production environment, Silverstripe Cloud will obtain approval for the change. Depending on the nature of the request, the recipients may include the Stack Manager or Relationship Manager. Such requests may include adding or removing a stack, changing Disaster Recovery level, updating file permissions, or low-level upgrades to the LAMP stack.
Stack Managers have financial and contractual authority over the stack. As a rule of thumb, a Stack Manager is needed to perform any changes with financial impact, such as changing the stack size or approving an estimate.
Only Stack Managers have the ability to add, remove, define roles and permissions for each member. Stack Managers have the ability to approve deployment changes, although typically a Release Manager takes on this duty.
Release Managers can either be technical or non-technical. Their main role is approving changes relating to the environments on a Stack, but these can also be approved by Stack Managers.
Deployers are usually lead or senior members of the development team. They have sufficient knowledge to formulate proposals for changes with uptime or feature impact, such as modifications to environment variables, SSL certificates, creation of Virtual Stacks and changes to the whitelist.
If circumstances warrant it, Deployers can bypass the approval process.
Everyone else working on the Stack is a Team Member. Team Members can snapshot and deploy to UAT & test environments directly, as well as request deployments to production.
They cannot bypass the approval process.
|UAT1||Production1||Configuration2||Temporary CMS access||Add/Remove Users||Modify Stack||Service Desk access|
- Includes access to server logs for this environment.
- Includes configuration of variables, domains, SSL and whitelists.