debian-mirror-gitlab/doc/administration/auditor_users.md

58 lines
2.7 KiB
Markdown
Raw Normal View History

2021-01-03 14:25:43 +05:30
---
2022-05-07 20:08:51 +05:30
stage: Manage
group: Authentication and Authorization
2021-02-22 17:27:13 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2021-01-03 14:25:43 +05:30
---
2019-07-31 22:56:46 +05:30
2021-03-11 19:13:27 +05:30
# Auditor users **(PREMIUM SELF)**
2019-07-31 22:56:46 +05:30
2022-07-16 23:28:13 +05:30
Users with auditor access have read-only access to all groups, projects, and other resources except:
- The [Admin Area](../user/admin_area/index.md).
- Project and group settings.
2019-07-31 22:56:46 +05:30
2022-07-16 23:28:13 +05:30
For more information, see [Auditor user permissions and restrictions](#auditor-user-permissions-and-restrictions)
section.
2019-07-31 22:56:46 +05:30
2022-07-23 23:45:48 +05:30
Situations where auditor access for users could be helpful include:
2021-01-03 14:25:43 +05:30
- Your compliance department wants to run tests against the entire GitLab base
to ensure users are complying with password, credit card, and other sensitive
2022-07-16 23:28:13 +05:30
data policies. You can achieve this with auditor access without giving the compliance department
user administration rights or adding them to all projects.
2021-01-03 14:25:43 +05:30
- If particular users need visibility or access to most of all projects in
your GitLab instance, instead of manually adding the user to all projects,
2022-07-16 23:28:13 +05:30
you can create an account with auditor access and then share the credentials
with those users to which you want to grant access.
2019-07-31 22:56:46 +05:30
2022-07-16 23:28:13 +05:30
## Add a user with auditor access
2019-07-31 22:56:46 +05:30
2022-07-16 23:28:13 +05:30
To create a new user account with auditor access (or change an existing user):
To create a user account with auditor access:
2021-01-03 14:25:43 +05:30
2021-11-11 11:23:49 +05:30
1. On the top bar, select **Menu > Admin**.
2021-09-04 01:27:46 +05:30
1. On the left sidebar, select **Overview > Users**.
2022-07-16 23:28:13 +05:30
1. Create a new user or edit an existing one. Set **Access Level** to **Auditor**.
2022-06-21 17:19:12 +05:30
1. If you created a user, select **Create user**. For an existing user, select **Save changes**.
2019-07-31 22:56:46 +05:30
2022-07-16 23:28:13 +05:30
To revoke auditor access from a user, follow these steps but set **Access Level** to **Regular**.
You can also give users auditor access using [SAML groups](../integration/saml.md#auditor-groups).
## Auditor user permissions and restrictions
Auditor access is _not_ a read-only version of administrator access because it doesn't permit access to the Admin Area.
For access to their own resources and resources within a group or project where they are a member,
users with auditor access have the same [permissions](../user/permissions.md) as regular users.
If you are signed in with auditor access, you:
- Have full access to projects you own.
- Have read-only access to projects you aren't a member of.
- Have [permissions](../user/permissions.md) based on your role to projects you are a member of. For example, if you have the Developer role,
you can push commits or comment on issues.
- Can access the same resources using the GitLab UI or API.
- Can't view the Admin Area, or perform any administration actions.