Allow creation of Auditor accounts for Gitlab SaaS


Proposal

Currently, it is not possible to fetch GitLab Audit Events without having Owner permissions. This is not acceptable, as Audit users are meant to be read-only. The current setup creates a risk that any Auditor, holding full Owner access, could destroy the GitLab group or project they are supposed to only observe.

Currently, for integrations, GitLab recommends using Service Accounts, since they can have non-expiring tokens and are not bound to an employee whose departure would break the integration.

We'd like to request that GitLab combine the best of both worlds:

  1. Allow SaaS users to create Auditor accounts (currently only possible for self-hosted GitLab).
  2. Allow Auditor accounts to be created as Service Accounts, enabling clean, non-breaking integrations with minimum privileges for Audit Event management.

This is one way to solve it. Another would be to make the self-hosted GitLab Audit features available to SaaS users as well (for example, the Reporting available for self-hosted GitLab). This would remove the pain of even having to build integrations that continuously poll GitLab for new events.

The use case is the multitude of companies operating in the cloud, and that number is growing. The features are basic and already exist, but using them on SaaS requires breaking security standards, which is not optimal. It is best to expose correctly built, fit-for-purpose functionality to SaaS users.

https://support.gitlab.com/hc/en-us/requests/542278 sparked this request.

https://support.gitlab.com/hc/en-us/requests/488365 explains in detail why using Group Access Tokens is not the way to go, why Service Accounts are superior for this purpose, and why least privilege is critical in a system that hosts the company's main IP (source code).
