Granular API Key Access for Running Test Sessions

Summary:

Introduce a new access level or API key configuration in Checkly that allows running test sessions without granting permissions to update or modify tests. This feature will enable better separation of access rights between environments, such as limiting PRs to running tests only.

Use Case:

Our team requires an API key for CI/CD pipelines, specifically for pull requests (PRs). These keys should only:

• Trigger and run test sessions.

• Restrict any capability to modify, update, or delete test definitions.

The current access levels (admin, read_write, read_only) do not align with this requirement:

• Read_write allows running tests but also permits test modifications, which is undesirable for PRs.

• Read_only restricts modifications but does not support initiating test runs.

Priority:

This feature is critical for maintaining secure and environment-specific access controls while adhering to robust CI/CD practices.

Benefits:

• Improved security by minimizing unnecessary write access in sensitive environments.

• Enhanced alignment with least privilege access principles.

• Better flexibility for integrating with CI/CD pipelines across different workflows.

Request:

Consider implementing:

1. A new access level (e.g., execute_only) or

2. Enhanced granularity for API key permissions, allowing users to select specific capabilities (e.g., run tests only).

Thank you for considering this enhancement!