Add Secure Functionality to Auditor Role
Problem to solve
Customers are using the Auditor role to allow compliance auditors to do their work. Today this role doesn't have any access to security reports, vulnerabilities, or a way to see the state of security scans.
Intended users
User experience goal
Proposal
We should support read-only views into a number of Security features including:
Who can address the issue
- someone with an understanding of role/permission/access model
- understanding of GitLab security functionality.
Further details
Permissions and Security
- Changes to the Auditor Role to expose access to Security Tools
Documentation
- Update documentation of the Auditor user role to include added permissions.