Skip to content

Audit Changes to IP AllowList

Problem

Currently, we do not provide API control of the IP AllowList for GitLab.com Groups: #351493 (closed)

When a group has many IP addresses on the allow list, it becomes unwieldy to manage these via the UI, especially when multiple people could be manually editing the list at the same time...ending in errors and questions about what data was actually changed.

Proposal

Until API control of the AllowList can be added, we can add auditing to any changes in the IP AllowList:

image

Audit should include:

  • Value of field before audit
  • Value of field after audit
  • User who performed the change
  • date/time stamp of change

This should be implemented using the Audit Events Framework: https://docs.gitlab.com/ee/development/audit_event_guide/#audit-event-instrumentation-flows

Edited by Hannah Sutor