Discuss opening cdot-rails-ro Teleport role for all GitLab engineers

Context

Currently, CDot (CustomersDot) staging access via Teleport is limited and requires individual access requests. However, there's a need to make it easier for engineers across the organization (not just fulfillment team) to test different usage billing scenarios, especially given that CDot is highly coupled with features being developed by the AI team.

Proposal

Open the cdot-rails-ro (read-only Rails console) Teleport role for all GitLab engineers to access the staging environment.

Benefits

Easier Testing: Engineers can independently test usage billing scenarios without waiting for access requests
Record Keeping: Teleport access requests serve as an audit trail for who accessed what and when
Compliance: Since this is limited to staging only, compliance concerns should be minimal
Consistency: Similar to how gitlab.com staging is accessible for all engineers

Considerations

Need to determine if this requires Compliance approval
Need to check with Infrastructure/Security teams
Should clarify if automatic approval for staging Teleport access is feasible
Need to document the process for requesting this role

Discussion in #usage-billing-uat about:

Current limitations on accessing CDot staging
Existing Teleport roles available:
- okta-customersdot-teleport-rails-rw-production-users - Rails console (staging + production)
- okta-customersdot-teleport-db-rw-production-users - Database (staging + production)
- okta-customersdot-teleport-rake-production-users - Rake tasks/logs (production only)
- okta-customersdot-teleport-rake-staging-users - Rake tasks/logs (staging only)

Next Steps

Get feedback from @jameslopez, Compliance, and Infrastructure/Security teams
Determine if a read-only role is sufficient or if broader access is needed
Document the access request process
Consider if automatic approval for staging access is appropriate