Add IP allow/deny listing to credential inventory for SaaS

Problem to solve

We released the credential inventory in 12.6 and have released several related credential management features, such as PAT expiration and list and revoke PATs via API; however, these features are largely available only for self-managed customers leaving GitLab.com customers in a painful spot for credential management.

Intended users

• Cameron (Compliance Manager)
• Sidney (Systems Administrator)

User experience goal

A group owner can define specific IP addresses and/or CIDR ranges to explicitly allow traffic from only those sources.

Proposal

• Add an input field to the main credential inventory page to accept this data

Further details

We should consider a configuration view/tab/other where information like this can be configured. We could possibly move the PAT and SSH expiration settings to this same location to consolidate the credential management experience.

Permissions and Security

• Add expected impact to Owner (50) members