Ability to restrict Access tokens to Specific IP Addresses

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

Currently, IP Allowlist applies to all tokens within either a project, group or instance.

Proposal

1. allow-list for a specific token, whether that be personal, project, oauth, or group access tokens, instead of the current ip allow list applying to all (personal, project, group) tokens
2. audit log alerts for non-allow list access
3. ability to pull a list of tokens that are configured to allow 0.0.0.0/0 (Ability to audit too permissive tokens)

Intended users

Security Team & GitLab Admins

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.