Duplicate: Allow owner of an organisation to view all the tokens under the org
Summary
Owners of organisations were unable to identify/list all the tokens under their organisations during a recent incident. Only Administrators can list personal, project, or group access tokens created by all users.
It would be beneficial to have similar permissions for the Owner role to avoid cases described here
Related Incident(s)
Originating issue(s): gitlab-com/gl-infra/production#18003 (closed)
Desired Outcome/Acceptance Criteria
- Org Owner to view all the tokens created under the organisation
Associated Services
Corrective Action Issue Checklist
-
Link the incident(s) this corrective action arose from -
Give context for what problem this corrective action is trying to prevent re-occurring -
Assign a severity label (this is the highest sev of related incidents, defaults to 'severity::4') -
Assign a priority (this will default to 'Reliability::P4' but should match the severity of the related incident) -
Assign a service label