Skip to main content

🧑‍🏫 Training and User Guides

Learn about the how the platform works.

📄️ 🕵️ Audit and Compliance

The Identity Platform manages access to our tech stack applications. We have automation for extracting audit and compliance artifacts including user listing, RBAC role mappings, application and group user membership, resource configuration, etc. This page provides a quick reference guide and runbooks for internal audit and compliance team members to perform audits and provides reference architecture and policy information for external auditors and compliance community to understand how our platform works to satisfy and exceed compliance requirements.

📄️ 🧑‍💻 Developer

The Identity Platform is a series of open source tools and reference architecture (paved roads) that the Identity Engineering team has created. We believe that everyone can contribute and help us add more business value, user experience quality of life improvements, and security best practices. This page provides a quick reference guide and runbooks for how internal team members can contribute to the platform and provides an orientation of all the components within the Identity Platform. You can see the Identity Platform documentation for each component to dive deeper and view the contribution guide for each repository after you understand the landscape.

📄️ 🧑‍🚒 Incident Response

The Identity Platform manages the top-level of administrative access and infrastructure for GitLab systems access, and manages access policies for our tech stack applications. We manage all configuration using Terraform or REST API for base state management with a GitOps CI/CD approach. We use YAML files for day-to-day user, group and policy management. This page provides a quick reference guide and runbooks for Security Operations team members to respond to incidents and self service guide for frequently asked questions and use cases.

📄️ 🧑‍💼 People Managers

The Identity Platform handles Identity and Access Management (IAM), role-based access control (RBAC), and the application, group, and infrastructure provisioning automation for all users at GitLab. This page provies a quick reference guide and runbook for people managers and directors to create and update Identity Role and Identity Group policies, manage which applications and groups that the people on your team have access to with self-service updates to Identity Role and Identity Group policies. This also includes instructions for adding, renaming, refactoring, or removing job roles and teams from the Identity Platform.

📄️ 🧑‍🔧 Policy Management

The Identity Platform manages the top-level of administrative access and infrastructure for GitLab systems access, and manages access policies for our tech stack applications. We manage all configuration using Terraform (Configuration/Infrastructure-as-Code) or REST API (guess and check policy enforcement with API endpoints) base state management with a GitOps CI/CD approach. This page provides a quick reference guide and runbooks for how we have embedded change management in all of our processes and automation with configuration-as-code state management, merge request approval rules, approval user experience, audit and diff logging, and more.