Production Engineering: Cloud Connector (#12585) · Epics · GitLab.org

Production Engineering: Cloud Connector

https://handbook.gitlab.com/handbook/engineering/infrastructure/team/cloud-connector/  This epic is the SSOT for ongoing and planned work for the [Cloud Connector team](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/cloud-connector/). ## Project Work ### :hourglass: Work In Progress These epics are currently in progress | **Topic** | **Start Date** | **Target End Date** | **Summary** | |-----------|----------------|---------------------|-------------| | [Phase 5: Prepare for removing AvailableServices interface](https://gitlab.com/groups/gitlab-org/-/epics/15639) @alipniagov @mkaeppler (+0 participants) ~"group::provision" | 2025-05-01 | 2025-07-17 | **2025-06-11**: * The whole team continues to work on this Epic to remove usage of the old AvailableServices interface. * https://gitlab.com/gitlab-org/gitlab/-/issues/542422+. Feature flag [cleanup](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/192366) from the first part of this issue is complete. We are now working on the refactor of where the `purchased` method is called, starting with https://gitlab.com/gitlab-org/gitlab/-/merge_requests/193730+. * https://gitlab.com/gitlab-org/gitlab/-/issues/538100+ is completed, moving the SAST usage of Cloud Connector away from AvailableServices. * Continued work on https://gitlab.com/gitlab-org/gitlab/-/issues/546563+ This issue will remove a number of usages of the AvailableServices.access_token method that we have identified as not being required. There are 5 related MRs that are nearly ready for review. * Continued to work on https://gitlab.com/gitlab-org/gitlab/-/issues/546576+ in order to allow us to migrate safely away from an AvailableServices based way of minting a Cloud Connector token **Nested Epics: 2** • https://gitlab.com/groups/gitlab-org/-/epics/17999+ • https://gitlab.com/groups/gitlab-org/-/epics/17839+ | | [Cloud Connector component handovers and team artefact review](https://gitlab.com/groups/gitlab-org/-/epics/17335) @pjphillips (+0 participants) ~"group::cloud connector" | | 2025-06-13 | **2025-06-11**: * Continued to work on https://gitlab.com/gitlab-org/gitlab/-/issues/546142+ (administrative items around the team changes). Many MRs opened and in flight at the moment, but no blockers. * https://gitlab.com/gitlab-org/gitlab/-/issues/545922+ discussion are progressing on MRs relating to each of the ownership areas. No major concerns at the moment. * Handover meetings are scheduled with Auth and Runway for later this week. Once done we can close off the handover issues. * By Friday this week we will transfer over any open issues to the new teams. | ### :soon: Ready Linked epics that are ready to start | **Topic** | |-----------| | [Further improvements of the JWKS management](https://gitlab.com/groups/gitlab-org/cloud-connector/-/epics/3) ~"group::cloud connector" | | [Improve observability of Cloud Connector](https://gitlab.com/groups/gitlab-org/-/epics/14573) ~"group::cloud connector" | ### :arrow_forward: Next These are the epics we will be focusing on next | **Topic** | **Target Start Date** | **Summary** | |-----------|-----------------------|-------------| | [Close design gaps between SHM and Cloud Connector](https://gitlab.com/groups/gitlab-org/-/epics/16149) @mkaeppler @nmilojevic1 (+0 participants) ~"group::cloud connector" | 2025-02-15 | | | [Testing Duo feature access should be easy](https://gitlab.com/groups/gitlab-org/-/epics/18063) (+0 participants) ~"group::cloud connector" | | | | [Refactor AmazonQ to use new UnitPrimitives](https://gitlab.com/groups/gitlab-org/-/epics/17837) (+0 participants) ~"group::provision" | | | | [Refactor Self-Hosted Models (SHM) Feature Support Architecture](https://gitlab.com/groups/gitlab-org/-/epics/17836) @nmilojevic1 (+0 participants) ~"group::provision" | | | | [Consolidate key + token management (GitLab, CDot)](https://gitlab.com/groups/gitlab-org/-/epics/17459) (+0 participants) ~"group::cloud connector" | | | | [Additional improvements to new Unit Primitive set up](https://gitlab.com/groups/gitlab-org/-/epics/15954) (+0 participants) ~"group::provision" | | | | [Cloud Connector - tightening security](https://gitlab.com/groups/gitlab-org/-/epics/13039) (+0 participants) | | **Nested Epics: 4** • https://gitlab.com/groups/gitlab-org/-/epics/16999+ • https://gitlab.com/groups/gitlab-org/-/epics/13040+ • https://gitlab.com/groups/gitlab-org/-/epics/12919+ • https://gitlab.com/groups/gitlab-org/-/epics/12997+ | ### :rotating_light: Epics that need attention These linked epics are not in the correct state or missing a workflow label <details> | **Topic** | **Links** | **Reason** | |-----------|-----------|-------------| | [AI feature parity for SaaS / SM / Dedicated](https://gitlab.com/groups/gitlab-org/-/epics/10516) (+0) | Labeling problem, epic has no workflow label | | [Cloud Connector Foundations](https://gitlab.com/groups/gitlab-org/-/epics/11417) (+0) | Labeling problem, epic has no workflow label | | [Managing Cloud Connector Traffic](https://gitlab.com/groups/gitlab-org/-/epics/13610) (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Cloud Connector abstractions](https://gitlab.com/groups/gitlab-org/-/epics/12376) (+0) | Labeling problem, epic has no workflow label | | [Extract CloudConnector unit_primitive configuration and logic](https://gitlab.com/groups/gitlab-org/-/epics/14310) @nmilojevic1 (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Create rate limit buckets for CC instance traffic](https://gitlab.com/groups/gitlab-org/-/epics/13778) @mkaeppler (+0) group::cloud connector | Epic has no workflow label but is closed | | [Extract Cloud Connector Python library](https://gitlab.com/groups/gitlab-org/-/epics/15320) @alipniagov (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Onboard SAST scanning to Cloud Connector](https://gitlab.com/groups/gitlab-org/-/epics/15003) @pjphillips (+0) | Labeling problem, epic has no workflow label | | [Improve reliability of Cloud Connector token validation](https://gitlab.com/groups/gitlab-org/-/epics/15142) @alipniagov (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Create new gitlab-cloud-connector project](https://gitlab.com/groups/gitlab-org/cloud-connector/-/epics/1) @nmilojevic1 (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Proposal: Streamline Cloud Connector authentication](https://gitlab.com/groups/gitlab-org/-/epics/14400) (+0) group::cloud connector | Epic has no workflow label but is closed | | [Create dedicated key pair for Cloud Connector](https://gitlab.com/groups/gitlab-org/-/epics/16215) @mkaeppler (+0) group::cloud connector | Epic has no workflow label but is closed | | [Improve observability of Cloud Connector authentication](https://gitlab.com/groups/gitlab-org/-/epics/16848) @alipniagov (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Implement Cloud Connector readiness probe](https://gitlab.com/groups/gitlab-org/-/epics/16932) @alipniagov (+0) group::cloud connector | Epic has no workflow label but is closed | | [Phase 4: Support Synchronizing Both New and Legacy Unit Primitive (UP) Format](https://gitlab.com/groups/gitlab-org/-/epics/16828) @alipniagov @nmilojevic1 @rzwambag (+0) group::cloud connector | Epic has no workflow label but is closed | | [Corrective Actions from INC-205 - NatWest: Increase in Duo Authorization failures](https://gitlab.com/groups/gitlab-org/-/epics/17369) (+0) | Labeling problem, epic has no workflow label | | [Cloud Connector support for Duo Repackaging Iteration 1](https://gitlab.com/groups/gitlab-org/-/epics/16930) @alipniagov @mkaeppler @nmilojevic1 (+0) group::cloud connector | Epic has no workflow label but is closed | | [Cloud Connector support for Amazon Q GA](https://gitlab.com/groups/gitlab-org/-/epics/17213) @alipniagov @nmilojevic1 (+0) group::cloud connector | Epic has no workflow label but is closed | | [Environment-Specific Configuration for CloudConnector](https://gitlab.com/groups/gitlab-org/-/epics/17217) @nmilojevic1 (+0) group::provision | Labeling problem, epic has no workflow label | | [Add Cloud Connector readiness probe for Python backends](https://gitlab.com/groups/gitlab-org/cloud-connector/-/epics/4) @alipniagov (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Phase 3: Prepare unifying token issuance](https://gitlab.com/groups/gitlab-org/-/epics/15637) @mkaeppler (+0) group::cloud connector | Epic has no workflow label but is closed | | [Duo Self-Hosted: platform standardization and admin experience improvements](https://gitlab.com/groups/gitlab-org/-/epics/16843) (+0) | Labeling problem, epic has no workflow label | | [Proposal - gitlab.com can sync with CustomersDot](https://gitlab.com/groups/gitlab-org/-/epics/12714) (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Measuring Cloud Connector Adoption](https://gitlab.com/groups/gitlab-org/-/epics/12769) (+0) | Labeling problem, epic has no workflow label | | [SM / Dedicated Instance Admins can disable IDE-based AI usage tracking](https://gitlab.com/groups/gitlab-org/-/epics/12020) @mkaeppler (+0) group::cloud connector | Labeling problem, epic has no workflow label | | [Cloud Connector tidy ups](https://gitlab.com/groups/gitlab-org/-/epics/15902) (+0) | Labeling problem, epic has no workflow label | | [GitLab Cloud Connector - SaaS for Self-Managed GitLab instances](https://gitlab.com/groups/gitlab-org/-/epics/308) (+0) group::cloud connector | Labeling problem, epic has no workflow label | </details>

epic