Skip to content

Add audit events for environment lifecycle operations

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Summary

Recognized by a customer (internal link).

Currently, GitLab does not generate audit events for basic environment lifecycle operations (create, delete, stop, start), creating a significant compliance and security gap for organizations that rely on environment audit trails for governance and automated recovery processes.

Problem

  • No audit events are generated when environments are created, deleted, stopped, or started
  • Only protected environment configuration changes generate audit events (introduced in GitLab 16.5)
  • Organizations cannot track who performed environment lifecycle operations or when they occurred
  • Automated systems cannot detect and respond to unauthorized environment changes

Proposed Solution

Add audit events for the following environment operations:

  • environment_created
  • environment_deleted
  • environment_stopped
  • environment_started
  • environment_updated

Edited by 🤖 GitLab Bot 🤖