The following page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features or functionality remain at the sole discretion of GitLab Inc.
| Group | Authorization |
|---|---|
| Stage | Govern |
| Group | Authorization |
| Content Last Reviewed | 2024-02-18 |
This is the direction page for the Authorization group in the Software Supply Chain Security stage. The Authorization group is responsible for ensuring that an authenticated user has access to the proper resources within the application. Additionally, the group builds capabilities to detect and prevent malicious activity from occurring within GitLab environments.
| Priority | Name | DRI | Target Release |
|---|---|---|---|
| 1 | Assign custom role when sharing a group to a 'project' | eugielimpin |
17.10 |
| 2 | Confidential | hmehra |
17.10 |
| 3 | Pre-selected permissions based on base default role | imand3r |
17.10 |
| 4 | Add Manage Protected Environments as a customizable permission | dlrussel |
17.10 |
| 5 | Add Manage Protected Tags as a customizable permission | abime |
17.10 |
| 6 | Job Token Permissions - Beta | alexbuijs |
18.0 |
| 7 | Custom Admin Role - Beta | jarka |
18.0 |
| 8 | Job Token Permissions - GA | alexbuijs |
18.2 |
| 9 | Custom Admin Role - GA | jarka |
18.2 |
The UX department has performed a JTBD Canvas for Authorization that can be found on this epic and figma file.
The main jobs for users related to Authorization capabilities include:
| Main Job | Outcomes |
|---|---|
| Provision access rights | Minimize productivity loss coming from user’s lack of access to resources they need to do their job. Minimize security risk and data breaches coming from bad actors. Reduce manual work when managing user’s role and access to resources. |
| Maintain access policies | Minimize security risk and data breaches coming from bad actors. Increase compliance in industry related audits (eg SOC II). Standardize organization’s user and resource permission management across all software and applications. |
| Gain access rights | Decrease time spent on gaining access rights. Increase productivity Increase team collaboration. |