Add audit events for environment lifecycle operations

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Summary

Recognized by a customer (internal link).

Currently, GitLab does not generate audit events for basic environment lifecycle operations (create, delete, stop, start), creating a significant compliance and security gap for organizations that rely on environment audit trails for governance and automated recovery processes.

Problem

• No audit events are generated when environments are created, deleted, stopped, or started
• Only protected environment configuration changes generate audit events (introduced in GitLab 16.5)
• Organizations cannot track who performed environment lifecycle operations or when they occurred
• Automated systems cannot detect and respond to unauthorized environment changes

Proposed Solution

Add audit events for the following environment operations:

• environment_created
• environment_deleted
• environment_stopped
• environment_started
• environment_updated

---