Skip to main content
Last updated: 23 May 2022

Rules for getting production access

These rules apply to developers, SREs, and technical architects in the GOV.UK programme.

What production access means

We have two types of production access:

  1. Production Deploy access
  2. Production Admin access

Production Deploy access

This level of access allows engineers to deploy code but not administer admin related systems. It should be granted to both civil servants and contractors as needed.

Access includes:

The steps above are outlined in the GOV.UK Production Deploy template Trello card, which can be copied to your team’s board and carried out by developers. You can ask 2nd line for help if you have any access issues.

When you get Production Deploy access

Access should be granted at the discretion of the engineer’s tech lead, once the engineer has the required level of security clearance (BPSS). Before approving access, tech leads should ensure that the engineer:

  • is aware of our processes and standards around code review
  • understands the responsibilities that releasing code brings with it
  • knows how to roll back to an older release if there are any issues
  • knows how to get help from someone with more access if they need it

Production Admin access

The steps above are outlined in the GOV.UK Production Admin template Trello card, which is normally given whilst on 2nd line.

When you get Production Admin access

  • Temporary supervised access during two Technical 2nd Line shadow shifts (GOV.UK developers only)
  • Supervised access during the second shadow shift and probation has been passed
  • A minimum of BPSS (a blue building pass) security clearance
  • Permanent access once two shadow shifts have been completed

“Supervised” means “we trust you, but just be extra careful,” and the dev should ensure they’re getting necessary and appropriate support from their team and tech lead during this time. The tech lead of the mission team is responsible for the supervision, whether it’s by them or the team.

What is temporary supervised Production Admin access?

Admin access to production may be granted to GDS civil servants or contractors who don’t meet the criteria above for a time limited period. In these cases, we require:

  • A minimum of BPSS (a blue building pass) security clearance
  • Approval from a Lead Developer or the Head of Technology
  • Access to be removed at the end of the time limited period
  • Supervision to be given by a production cleared person during access
  • Agreement from the person that they will only use their access while supervised. We trust our staff to be sensible and operate within these rules.

Temporarily revoking access

If you’re absent more than 6 weeks, your access will be revoked. See the Trello leaver template card for the steps.