Audit Changes to IP AllowList
Problem
Currently, we do not provide API control of the IP AllowList for GitLab.com Groups: #351493 (closed)
When a group has many IP addresses on the allow list, it becomes unwieldy to manage these via the UI, especially when multiple people could be manually editing the list at the same time...ending in errors and questions about what data was actually changed.
Proposal
Until API control of the AllowList can be added, we can add auditing to any changes in the IP AllowList:
Audit should include:
- Value of field before audit
- Value of field after audit
- User who performed the change
- date/time stamp of change
This should be implemented using the Audit Events Framework: https://docs.gitlab.com/ee/development/audit_event_guide/#audit-event-instrumentation-flows
Edited by Hannah Sutor