Revoked/Created agent access tokens should fire audit events
The GitLab agent for Kubernetes manages the cluster - GitLab access with so called agent access tokens. We recommend regularly rotating and knowing about these tokens as they can be used to update your cluster from GitLab. Recently, we extended GitLab to fire audit events when the agent access tokens are created or revoked to support your security and compliance requirements.
Problem to solve
As a security analyst, I want to know when agent tokens are created or revoked so that I can ensure safe access to the infrastructure.
Once #382131 is implemented, the agent tokens will no longer be shown in the APIs or the UI.
For compliance, we need to have a way to communicate the revoked agent tokens
Integrate agent access token creation and removal into the audit events framework.
Feature Usage Metrics
The usage of audit events is tracked separately. New metrics are not needed.
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.