For context, our team has been using custom pipelines to do our deployments. Once all requirements are met in our staging build (all tests pass, build checks successful, etc...) any one of us can select the custom pipeline that essentially deploys everything to production.
We like the simplicity of this setup and it's been working well for us, but some of our larger clients and stakeholders expressed some concerns. They wanted a sort of two-man rule - where specific actions (like deployment) needed two people acting together in order to execute the said action.
Its clear to us that they are concerned about someone from our team going rogue or making a mistake and clicking the wrong custom pipeline. If there is a way to do this with the current feature set please let me know, but otherwise, I think this might add some security value.
As for how - maybe something similar to how pull requests can have a rule where at least one other person must approve before code get merged. Thoughts?