Backups of GitLab.com
This policy specifies requirements for backups of GitLab.com
Policies related to GitLab.com
The handbook pages nested under “policies” directory are controlled documents, and follow a specific set of requirements to satisfy various regulatory obligations.
Avoid nesting non-controlled documentation at this location.
GitLab Teleport Access Policy
Purpose
To ensure an audited access to our terminal/CLI tools like Database Access and Rails Console, GitLab uses Teleport.
Scope
The Teleport Access policy applies to all systems within our production environment that require a terminal or CLI access.
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| GitLab Team Members | Responsible for following the requirements in this policy |
| System Owners | Alignment to this policy |
| Code Owners | Responsible for approving changes and exceptions to this policy |
Procedure
- Teleport access is managed through Okta and is provided as part of a role’s baseline group assignment or through an access request with appropriate approval
- Access reviews are performed on a quarterly basis to ensure that all users are appropriate and have appropriate access levels.
- Teleport Audit Logs must be retained for a defined period of 1 year
- Teleport Audit Logs must not be modified and or deleted before the defined time of 1 year
- Access to Teleport Audit log data must be limited based on the principle of least privilege
Exceptions
Exceptions to this policy will be tracked as per the Information Security Policy Exception Management Process
Monitoring of GitLab.com
This policy specifies requirements for monitoring of GitLab.com
Last modified June 18, 2024: Add relative links rule (
cd96f133)
