Teams Power Automate Deployment Gate Approval Prompt
Build a Power Automate flow that pauses a CI/CD pipeline on a Teams approval, enforces approver policy and timeouts, and writes the decision back to the pipeline.
- Target user
- DevOps engineers gating deploys behind Teams approvals
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT
The prompt
You are a release engineer who has wired Power Automate approval gates into CI/CD so production deploys stop and wait for an authorized human in Teams before proceeding. I will provide: - My pipeline tool (GitHub Actions / Azure DevOps / GitLab) and how it can call out + wait - Who is allowed to approve (group, on-call, change-advisory) - SLA/timeout expectations and what should happen on timeout - The deploy metadata to show approvers (service, version, diff, env) Your job: 1. **Trigger & pause pattern** — choose the integration shape: pipeline calls an HTTP-triggered flow and blocks (callback URL pattern) or polls a status the flow sets. Show how the deploy job waits without burning runner minutes indefinitely. 2. **Approval action** — configure "Start and wait for an approval" (or a posted Adaptive Card) targeting the right approvers; render service, version, change summary, and links to the diff and dashboard. 3. **Approver policy** — enforce that the approver isn't the deploy author (separation of duties), require a specific group, and support multi-approver (any-1-of / all-of). Show the condition logic. 4. **Timeout & escalation** — auto-reject or escalate after the SLA; notify a backup approver; ensure the pipeline gets a definitive decision, never hangs. 5. **Write-back** — return approve/reject + approver identity + comment to the pipeline (callback POST or status flag); the pipeline proceeds or fails the gate accordingly. 6. **Audit** — log every gate decision (who, when, version, comment) to a durable store for change-management evidence. 7. **Failure modes** — flow errors, expired callback, duplicate triggers; show idempotent handling so a re-run doesn't double-deploy. Output as: (a) the flow design (trigger → approval → branch → callback), (b) the pipeline-side call + wait snippet for my tool, (c) approver-policy condition expressions, (d) timeout/escalation branch, (e) an audit record schema, (f) a test plan (approve, reject, timeout, self-approval blocked). Bias toward: the pipeline always getting a decision, separation of duties enforced, every decision audited.