Auditing and permissions with Octopus Deploy

Auditing and permissions in Octopus

Octopus has a rich and powerful permissions model, and full auditing, ensuring you can restrict who can deploy to production, and meet your compliance requirements.

Try it free

Control who can deploy to production

Octopus Deploy provides the most value when it is used by your whole team. Developers and testers might be allowed to deploy specific projects to pre-production environments, but not production environments. Stakeholders might be permitted to view certain projects, but not modify or deploy them. To support these scenarios, Octopus supports a permissions system based around the concept of teams.

Learn more →

Control who on your team has permission to deploy to certain environments.

Control who can make production changes

If you would like to empower your team or decrease the workload of the release manager, you can grant permission for individual team members to push to various environments. For example, testers could be empowered to push to testing environments or certain devs or team leads could be empowered to push to dev environments.

Octopus Deploy also lets you define who can make production changes.

Ensure releases have been tested prior to production

Use Lifecycles in Octopus to define the phases in your deployment process, and ensure that releases can't be deployed to production unless they've been tested first.

Ensure releases have been fully tested in testing or UAT environments before you push to production environments.

A complete audit trail

Octopus leaves behind a full audit trail of who did what and where, and captures diffs of changes made to configuration variables or deployment processes.

Octopus leaves behind a full SOX compliant audit trail so you can know precisely who made what change, when and where.

SOX & PCI-DSS compliance

The permissions model and auditing in Octopus help to maintain separation of duties and visibility over production changes, helping to meet your PCI-DSS and Sarbaines-Oxley requirements.

Retain visibility over what changes are being made to production. Octopus helps you meet your PCI-DSS and SOX compliance requirements.

Active Directory integration

Use groups in Active Directory to manage the teams users are associated with, giving you a central, standard place to grant and revoke deployment permissions.

Active directory lets users manage their teams more efficiently.

Creating happy deployments at more than 25,000 companies, including:

Shout out to @OctopusDeploy for making their software so easy to work with. Just upgraded a 2 year out of date instance and migrated it to a new server and it worked with no effort beyond what their documentation said to do.

Twitter user Alex Dent Alex Dent

We've been overhauling our internal infrastructure and back-end systems over the past month, including a move back to full @OctopusDeploy deployments; rediscovering how nice it is to have a platform-agnostic orchestrator that can deploy practically anything, anywhere ❤

Twitter user Nicholas Blumhardt Nicholas Blumhardt

Tools like @OctopusDeploy can be great in enabling culture change, we've been able to scale and improve our configuration story since we started using it

Twitter user Niel Chalk Niel Chalk

Give your team a single place to release, deploy and operate your software.

Octopus Server

Octopus on your infrastructure.
Free for small teams, no time limits.

Download Octopus Server Server

Octopus Cloud

Octopus hosted by us.
Free for small teams.

Sign up for Octopus Cloud Sign up