Provide Auditor Role Access to Audit Events and Implement in GitLab.com SaaS

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

As an organization using Gitlab (SaaS or self-managed), I have a need to expose read-only access to security information such as audit events, so that members of my org's security team can collect relevant information to support security audits (for example, in the event of a compromised account).

Auditor Users aren't available in .COM, and also don't provide access (Auditor users will not be able to access the project/group settings pages, or the Admin Area.) to audit events.

Intended users

• Cameron (Compliance Manager)
• Alex (Security Operations Engineer)

User experience goal

As an Owner/Administrator of a gitlab.com namespace or a self-managed instance, I'd like to be able to offer members of my organization access to audit events in (all or some) of my groups or projects.

This may or may not include read-only access to all other objects within these namespaces as granted the auditor role.

Proposal

TBC

Further details

Permissions and Security

Documentation

Availability & Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references