Backend: Removing user access to Shared Runners through the REST API
Problem to solve
In order to block a user from using Shared Runners an account level block needs to be placed. In the event that a user is not intentionally abusive with our Shared Runners it would be great to only remove access to our Shared Runners and not the entire account.
Intended users
Infra, Production, GitLab admins
Further details
User inadvertently causes behavior that negatively impacts our Runners/Availability
Proposal
Provide the ability to block a users access to the Shared Runners
- Available via the Users API to add it as a mitigation option in Scrubber (our mitigation tool) - This issue
- UI based method - #35346
Permissions and Security
Requires a GitLab Admin Account to action this
Testing
Risk:
- This would lower the impact to a user as they would still have access to their projects/content if we need to mitigate against inadvertent excessive CI Usage.
What does success look like, and how can we measure that?
Blocking access to CI without blocking access to anything else on the account
Links / references
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.