Skip to content
GitLab
Next
    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
    Projects Groups Topics Snippets
  • Register
  • Sign in
  • GitLab GitLab
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Issues 55.2k
    • Issues 55.2k
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1.6k
    • Merge requests 1.6k
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
    • Test cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Terraform modules
    • Model experiments
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.orgGitLab.org
  • GitLabGitLab
  • Issues
  • #215410
Closed
Open
Issue created Apr 22, 2020 by Jeremy Watson (ex-GitLab)@jeremy-glContributor

Move group-level IP address restriction to Premium

Overview

GitLab offers a useful capability to restrict group access to a range of IP addresses in Ultimate/Gold. This is particularly useful for GitLab.com, where this type of traffic filtering is not possible.

We should move this into Premium/Silver:

  • It's a capability related to securing the deployment, not application security: For some, it's a must-have and creates a hard barrier-to-entry when getting started with GitLab. This is particularly true for GitLab.com. This limits our ability to land-and-expand with the account to help them grow a more mature practice that does use CI/CD and ultimately be able to take advantage of Gold level functionality.

  • Current state disadvantages our SaaS offering: Given the importance, this extends the difference between SaaS vs. self-managed. Native functionality for IP access restriction is not necessary for self-hosted customers, because you can handle that with any gitlab tier at the network/LB level. However, if a customer needs to use gitlab.com and cannot host themselves (e.g. company mandate to use SaaS, they don't have the internal team to support it, etc) it forces the GTM team to sell them Gold even if it doesn't fit their needs.

  • Our competitors offer this in Premium-like tiers: Atlassian offers this in Premium for Bitbucket Cloud ($6/user/month). GitHub also offers this in Enterprise Cloud($21/user/month). Both could be compared to GitLab Premium.

As part of GitLab's process, this has been discussed internally (GitLab internal only link) and approved.

Proposal

  • Move group-level IP access restriction from Ultimate/Gold to Premium/Silver. Update associated specs and documentation.

Issue readiness

  • Product: issue description is accurate with an acceptable proposal for an MVC
  • Engineering: issue is implementable with few remaining questions, is sufficiently broken down, and is able to be estimated

Availability & Testing

Since this is a minor change, we would probably not need any automated test changes. However, we should manually test this to ensure that a Premium user is able to access the feature and that the Gold customer did not loose it.

Edited May 13, 2020 by Sanad Liaquat
Assignee
Assign to
Time tracking