Table of Contents
Why Is a Manual Review Stage a Critical Safety Feature in CI/CD Pipelines?
Discover what an approval stage achieves in a CI/CD pipeline: a mandatory manual review before deploying to production. Learn how this checkpoint acts as a quality gate, giving teams control over releases and preventing costly errors.
Question
What does adding an approval stage achieve?
A. Replacement of Git repositories
B. Visualization of deployment metrics
C. Automatic DB integration
D. Manual review before production deployment
Answer
D. Manual review before production deployment
Explanation
Approvals act as checkpoints.
Adding an approval stage to a CI/CD pipeline achieves a mandatory pause for manual review and confirmation before allowing a deployment to proceed, particularly to a sensitive environment like production. This stage acts as a critical checkpoint or “quality gate” in an otherwise automated workflow, ensuring human oversight before a release goes live.
The correct answer is D. Manual review before production deployment.
While automation is a core tenet of CI/CD, deploying directly to production without any human intervention can be risky. An approval stage introduces a deliberate stop in the pipeline to mitigate this risk.
Here’s a detailed look at what this stage achieves:
Enforces Quality Assurance and Business Logic Review
The pause allows a designated approver (such as a QA lead, product manager, or senior developer) to perform final checks. This might include:
- Manually testing the application in a staging environment.
- Verifying that all business requirements for a new feature have been met.
- Confirming that the release is happening within a scheduled maintenance window.
It serves as a safety mechanism to prevent a developer from accidentally triggering a production deployment. The pipeline will not continue until an authorized IAM user or role explicitly approves the action.
Meets Compliance Requirements
Many organizations have compliance and governance policies (like the “two-person rule”) that mandate a separation of duties and an explicit, auditable approval for any changes to production systems. The approval stage provides a clear, logged record of who approved a deployment and when, helping to satisfy these requirements.
Provides Final Control
It gives the team ultimate control over the release timing. Even if all automated tests pass, the team can choose to delay a deployment by rejecting or deferring the approval if there is an external issue or a change in business priorities.
When the pipeline reaches this stage, it stops and can send a notification (e.g., via email or Slack) to the designated approvers. The pipeline only resumes if the action is approved. If it is rejected, or if no one responds within seven days, the pipeline execution fails.
The other options are incorrect for the following reasons:
A. Replacement of Git repositories: An approval stage is part of a deployment pipeline and has no function related to replacing source control systems like Git.
B. Visualization of deployment metrics: This is the role of monitoring and observability tools like Amazon CloudWatch, not a manual approval action.
C. Automatic DB integration: Database integration is part of the application’s code and infrastructure configuration, not an action within a pipeline approval stage.
AWS Elastic Beanstalk & CI/CD for Cloud Projects certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the AWS Elastic Beanstalk & CI/CD for Cloud Projects exam and earn AWS Elastic Beanstalk & CI/CD for Cloud Projects certificate.