⇠ Back to the blog
Cover for Inline per-command approvals right in your terminal

Inline per-command approvals right in your terminal

Christian Nguyen avatarWritten by Christian Nguyen

Visibility and control is most important for live production work. Unfortunately for many technical organizations, that view is foggy—and controls may not exist at all. Organizations need to be aware of who, what, when, where, and why when it comes to working in production. With Cased's new inline approvals and logging, organizations can get a better picture into the operations that engineers are running in production— and even better, use fine-grained controls for just-in-time approvals. You can rest easier knowing that you have visibility and control—whether it's database access, or infrastructure changes.


Cased Shell offers built in per-command approvals to add another layer of security and visibility to your production workflows. Your favorite command line tools such as - kubectl, terraform, and rails will require additional peer approvals via Slack or web in order for the operation to run. Additionally all access and access requests will be logged to a Cased audit trail.


Setting up inline per-command approvals takes less than five minutes, and a maximum of three steps.

1. Login to the Cased app

The setup for configuring per-command approvals happens in the Cased app. Log in here.

2. Create your program

Once you're logged in - go to the Cased Dashboard. Select the "New" button and select "Set up a local CLI program".

From there, just choose which CLI application you would like to add, provide a description, and click on "Create Cased CLI Application".

P.S. If you already have your CLI application created, you will not need to do this step. You simply just need to configure your approval settings which can be found in step 3.

3. Configure approval settings

To enable in-line per-command approvals, you will need to select the "Approvals required" box. You will be able to configure additional settings such as setting up peer approvals in Slack, and advanced approvals settings and privileges. Advanced approvals settings include - allowing automatic approval while an engineer is on-call, certain commands being auto-approved, session duration and more.

And that's all there is to it.

Workflow with inline approvals

With in-line approvals, maintaining oversight into your production systems has never been easier than before. Engineers and admins will be able to do everything within the terminal.

The workflow for per-command approvals doesn't change your development workflow at all. You run your programs as normal. For example, let's look at a normal terraform workflow using terraform plan.

With approvals, users who try and run terraform plan will be met with a prompt requiring a reason to run the command and approval. After entering a reason, a message will be sent to the configured Slack room with your request.

The request can be approved or denied. If it's approved, the operation will continue as normal. If denied, the operation will stop.

After turning on approvals, you will be able to run your favorite CLI tools like normal with additional visibility and security; all within Cased Shell.

If you're interested and want to learn more about Cased Shell, feel free to schedule a demo, read the documentation, or send us an email at team@cased.com.