View Security Dashboard - Customizable Permissions
Problem to solve
Today users don't have the ability to separate out the duties between the engineering security teams in a way that adheres to the Principle of Least Privilege. Security teams need to be able to view a Security Dashboard, but don't necessarily need to make changes directly to a code base.
Intended users
Proposal
-
add the following customer permissions to a custom role (built on top of the Reporter role as a base):
-
View Security Dashboard
- read_*
-
Further details
- The new customizable roles framework permissions is additive only. Instead of
Change vulnerability status
permission included as a part of both theDeveloper
andMaintainer
roles, users will need to do something likeReporter
+Change vulnerability status
. - admin_* is the equivalent of read/write, while read_* is the equivalent of read only.
Documentation
Availability & Testing
Available Tier
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.