Highlight revoked PAT credentials in the credential inventory
Problem to solve
We introduced a credential inventory in 12.6 and extended it to group-managed accounts for GitLab.com in 12.8 to help customers gain visibility into all of the PAT and SSH credentials that existed within their self-managed instance and groups. This inventory provided necessary insight into the access users had for a particular instance or group, but it does not provide other necessary capabilities such as forcing a credential rotation (in the event of a known compromise).
Currently, when an SSH is revoked, that revocation is not mentioned in the credentials inventory. There's no way for
group owners to see, in aggregate, when credentials have been revoked.
Add a column for "Revoked on" to the PAT tab in the credential inventory that shows the date a PAT was revoked (or nothing for PATs that have not been revoked):
Out of scope
SSH keys are out of scope because they cannot be revoked.
Permissions and Security
group owners would see this specific signal since they are the only users who can view the credential inventory.
- Add all known Documentation Requirements in this section. See https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html#documentation-requirements
- If this feature requires changing permissions, update the permissions document. See https://docs.gitlab.com/ee/user/permissions.html -->
Links / references
This is the sibling issue to adding an icon for expired tokens.