Add instance audit event for disabling two-factor authentication (!89598) · Merge requests · GitLab.org / GitLab

Anton Smith requested to merge audit-event-disable-2fa into master Jun 09, 2022

What does this MR do and why?

Describe in detail what your merge request does and why.

Closes #238177 (closed)

When two-factor authentication is disabled for a user, generate an instance level audit event mentioning this.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

238177 MR

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Enable two-factor authentication for the currently logged in user. Preferably use an admin account so you can stay logged in when you check the audit logs.
Disable two-factor authentication for the currently logged in user.
Check the instance event audit logs and verify that you see an event for Disabled two-factor authentication.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Admin message

Add instance audit event for disabling two-factor authentication

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports