Add admin impersonation tokens to the credential inventory
Problem to solve
The credential inventory does not include impersonation tokens. These tokens can be used to take actions on behalf of another user and can affect the nonrepudiation posture of an organization.
Use cases
As an administrator deprovisioning a user, I would like to see where that user is being impersonated so that I can move the workload onto a different user.
As an auditor looking for places where users could be impersonated, I would like to have full visibility into impersonations in GitLab.
Intended users
User experience goal
An admin can view impersonation tokens in the credential inventory.
Proposal
- Create an `owned_by` column on `personal_access_tokens`, which is a foreign key to a User for impersonation tokens.
- Adding an index on `impersonation` would help as one doesn't exist right now.
- Ensure that this column is populated for impersonation tokens. (Add a validation to this effect)
- Add an `impersonation tokens` tab that shows all impersonation tokens for each user that possesses them.
- Add relevant documentation, explaining that impersonation tokens created before this feature is released will not include the owner in the credentials inventory.
Fields to consider including in this MVC:
- Owner
- User
- Scope
- Created on
- Last used
- Expiration
| Owner | User | Scope | Created on | Last used | Expiration |
|---|---|---|---|---|---|
| Daffy Duck | Bugs Bunny | api | 2020-08-01 | 2020-08-24 | Never |
| Daffy Duck | Lola Bunny | api | 2020-07-01 | 2020-09-20 | 2020-10-01 |
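The schema change and inventory query behind the proposal, as an added PostgreSQL example that is not GitLab's own migration or code. It assumes a `users` table with `id` and `name`, and that `personal_access_tokens` already has `user_id`, `scopes`, `impersonation`, `created_at`, `last_used_at` and `expires_at`; the `ON DELETE SET NULL` choice, the `NOT VALID` constraint and the placeholder owner label for pre-feature tokens are assumptions made here.

```sql
-- Assumed schema (constructed for this example): personal_access_tokens already
-- carries user_id, scopes, impersonation, created_at, last_used_at, expires_at.

-- 1. Record which admin created each impersonation token.
ALTER TABLE personal_access_tokens
  ADD COLUMN owned_by bigint REFERENCES users (id) ON DELETE SET NULL;

-- 2. Partial index: the inventory only ever filters on impersonation = TRUE,
--    so indexing just those rows keeps the index small.
CREATE INDEX index_personal_access_tokens_on_impersonation
  ON personal_access_tokens (impersonation)
  WHERE impersonation = TRUE;

-- 3. Database-level counterpart of the model validation: every impersonation
--    token must name its owner. NOT VALID leaves rows created before this
--    feature alone (their owner is genuinely unknown) while enforcing the rule
--    for every new or updated row.
ALTER TABLE personal_access_tokens
  ADD CONSTRAINT check_impersonation_tokens_have_owner
  CHECK (NOT impersonation OR owned_by IS NOT NULL) NOT VALID;

-- 4. The inventory query behind the proposed tab: one row per impersonation
--    token, joining users twice (owner = admin who created it, user = account
--    the token acts as). Pre-feature tokens surface with a visible placeholder
--    rather than silently disappearing from the audit view.
SELECT
  COALESCE(owner.name, '(unknown: created before owner tracking)') AS owner,
  target.name                              AS "user",
  pat.scopes                               AS scope,
  pat.created_at::date                     AS created_on,
  pat.last_used_at::date                   AS last_used,
  COALESCE(pat.expires_at::text, 'Never')  AS expiration
FROM personal_access_tokens AS pat
JOIN users AS target ON target.id = pat.user_id
LEFT JOIN users AS owner ON owner.id = pat.owned_by
WHERE pat.impersonation = TRUE
ORDER BY pat.created_at DESC;
```

Running the query against the sample data in the table above yields the same six columns, with any token whose `owned_by` is NULL flagged in the Owner column so an auditor can see exactly which entries predate owner tracking.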
Edited by Max Woolf