Include admins in restrict group access by IP address feature
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Problem to solve
As an admin of GitLab Ultimate self-hosted, I would like to restrict access to certain groups to specific ip ranges. The restriction should be including admins. We would like to require the user either be at a certain IP or use a VPN to connect to these groups because they manage privileged group runners. Right now, admins are excluded from the ip restrictions but these are the users that have access to these privileged groups in our environment.
Intended users
GitLab admins 140 user Premium customer demoing Ultimate.
Proposal
We understand the concern is that admins may be locked out. We recommend that the ability to globally disable the admin ip restriction be added to the rails console. As admins of the self-hosted GitLab we will retain the ability to use the rails console even if we are locked out of GitLab itself.