
Enhanced Governance and Control: New Role-Based Permissions in the GitLabHost Control Panel

In the age of AI-accelerated DevSecOps, internal governance is paramount. Control your team's access and fortify your security posture with our new Role-Based Permissions.

Bastiaan

DevSecOps Engineer

Last week, our team engaged with leaders at the IT Security & Legal Symposium. The central theme was clear: as development speeds up with tools like GitLab Duo and AI, the need for robust governance and auditability within the organization accelerates even faster.

At GitLabHost, our mission is to provide secure, compliant, managed hosting so you can focus on shipping code. This commitment to security extends beyond our infrastructure and into how you manage your resources with us.

That’s why we are excited to announce the launch of Role-Based Permissions (RBP) in the GitLabHost Control Panel. This critical update gives company owners and Administrators fine-grained control over exactly who can manage, purchase, and view sensitive data.

The Challenge: When Everyone is an Admin

Before today, every user within your company profile in our Control Panel held the status of 'Admin.' While simple, this presented clear risks:

  • A team member only interested in invoices could accidentally view or delete a production GitLab instance.
  • The entire company user list had rights to make changes to sensitive billing information or mandates.

This 'all or nothing' approach is simply not compatible with modern security and compliance best practices. It directly violates the principle of least privilege, which is foundational to a secure environment.

Introducing Fine-Grained Control: Our New Roles

We have split access into three distinct roles to ensure separation of duties and minimize potential risk:

  • Admin: Full control over everything: instance creation/deletion, user management, billing, and mandates (equivalent to the previous access level). This role is suited to Company Owners, Technical Leads, or designated Security Administrators.

  • Billing Access: Strictly limited to viewing and managing invoices, billing information, and payment mandates. Cannot view or manage GitLab instances or Runners. This role is suited to Accounting, Finance, and Procurement teams.

  • Member: View-only access to practically everything, including existing GitLab instances and Runners. Cannot create, edit, delete, or manage billing. This role is suited to Developers, Project Managers, or internal teams that need read-only access for auditing or information gathering.

What This Means for You

  • Security & Compliance: You can now confidently limit access to production infrastructure. This is a foundational step toward meeting high governance standards (like ISO 27001) where the principle of least privilege is mandatory.
  • Long-Term Reliability: We’ve built automated permission tests into our continuous release pipeline. This guarantees that your defined roles remain accurate and secure, preventing 'permissions creep' with every future update.
  • Peace of Mind: Eliminate the risk of accidental configuration changes or service deletion by non-technical or non-authorized personnel.
  • Streamlined Onboarding: New company users are now designated as Member (View-Only) by default, ensuring security from day one. Admins can easily edit these roles in the Company Users view.

Important Best Practice: Redundant Administrators

While RBP enhances security, it's crucial to maintain operational resilience. We strongly recommend having at least two active users assigned the 'Admin' role within your company. This ensures that in the event an Administrator leaves the company, or if their account is otherwise inaccessible, you retain full access to your GitLabHost Control Panel and can manage your services without interruption.

Conclusion and Next Steps

The new Role-Based Permissions feature is live today. It is a direct result of our commitment to embedding security and governance into every aspect of our managed service.

We encourage all current Admins to review their user lists and assign the appropriate roles to enforce the principle of least privilege immediately.

Log in to your Control Panel now to manage user roles
