Allow group owners to define an SSH key expiration
Problem to solve
We released the credential inventory in 12.6
and have released several related credential management features, such as PAT expiration and list and revoke PATs via API; however, these features are largely available only for self-managed customers leaving GitLab.com customers in a painful spot for credential management.
Intended users
User experience goal
A group owner
can specify an expiration for SSH keys scoped to their group or projects in their group.
Proposal
- Add a field to
Group
>Settings
>Permissions, LFS, 2FA
:Maximum allowable lifetime for ssh keys (days)
Further details
Enforcement of this feature should be enabled
by default.
Permissions and Security
- Add expected impact to Owner (50) members