blocklist (not blacklist) and allowlist (not whitelist) licenses across an entire instance

Problem to solve

Customers want to automate corporate policies for using licenses without setting up whitelists and blacklists for each group.

Intended users

Security or risk manager, compliance manager

Further details

Proposal

Permissions and Security

Documentation

Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Links / references

added Secure UXCompliance & Auditing typefeature + 1 deleted label

Setting devopssecure groupstatic analysis based on ~"Secure".

added devopssecure groupstatic analysis labels

mentioned in issue #12832 (closed)

added 1 deleted label

added Category:License Compliance [DEPRECATED] groupcomposition analysis + 1 deleted label and removed groupstatic analysis + 1 deleted label

@NicoleSchwartz - Over to you for prioritization.

Similiar issue: https://gitlab.com/gitlab-org/gitlab-ee/issues/12941

mentioned in issue #12963 (closed)

added to epic &273 (closed)

changed milestone to %Backlog

added Enterprise Edition label

unassigned @kencjohnston

added [deprecated] Accepting merge requests label

added GitLab Ultimate label

assigned to @NicoleSchwartz

removed 1 deleted label

changed epic to &1662 (closed)

unassigned @NicoleSchwartz

changed epic to &2341 (closed)

changed title from blacklist and whitelist licenses across an entire instance to blocklist (not blacklist) and allowlist (not whitelist) licenses across an entire instance

marked this issue as related to #220215 (closed)

added backend frontend labels

added sectionsec label

added secure bulk changes label

We are closing this issue automatically because it was created over a year ago and does not seem to have been picked up yet.

If you're reading this and feel like this issue is still relevant, please re-open it and apply the secureparked label to it.

closed

added stale label

reopened

added secureparked label and removed stale label

This feature will be handled if we are able to extend our Security Policies to support License Approval Policies. We plan on making Security Policies available at the Group Level, so once we add in support for License Approval Policies, then users could easily manage a centralized approved/denied policy list for multiple projects at the group level.

I am closing this Issue out in favor of tracking the work to solve the underlying problem in the other linked Epics.

closed

mentioned in issue gitlab-org/quality/triage-reports#7679 (closed)

added Category:Software Composition Analysis SCA:License Scanning labels