Skip to content
GitLab
Next
Closed
Issue created by Hannah Sutor@hsutorDeveloper

Audit Changes to IP AllowList

Problem

Currently, we do not provide API control of the IP AllowList for GitLab.com Groups: #351493

When a group has many IP addresses on the allow list, it becomes unwieldy to manage these via the UI, especially when multiple people could be manually editing the list at the same time...ending in errors and questions about what data was actually changed.

Proposal

Until API control of the AllowList can be added, we can add auditing to any changes in the IP AllowList:

image

Audit should include:

  • Value of field before audit
  • Value of field after audit
  • User who performed the change
  • date/time stamp of change

This should be implemented using the Audit Events Framework: https://docs.gitlab.com/ee/development/audit_event_guide/#audit-event-instrumentation-flows

Edited by Hannah Sutor