GitLab

Configuring the Veza integration for GitLab

This integration discovers Users, Groups, and Projects for GitLab software development platform, along with authorization data for each group and projects. The integration supports self-hosted and SaaS GitLab deployments.

The GitLab integration requires a read-only access token for authentication, and will discover all groups, sub-groups, and projects the token can access. For self-hosted (non-SaaS) environments, you can optionally discover all groups and additional user information by providing an admin token.

See Notes and Supported Entities for more information.

Setup

Generate a GitLab access token

Generate a GitLab access token under GitLab Edit profile > Access Tokens.
- For self-hosted, we recommend generating a personal access token for an Admin-level user to enable full discovery.
- For GitLab SaaS, a group token will typically be most appropriate. Personal access tokens for a group Owner can also be used.
- Assign the access token read_api access only.
- Assign the token a name and expiration date.
- Save the generated token and use it to configure the integration.

Add the integration to Veza

To enable the integration:

Browse to the Veza platform and log in.
Go to Integrations.
Click Create Integration. Select GitLab as the integration to add.
Complete the required fields:
- Insight Point: By default, integrations run on the Veza SaaS platform. Optionally, you can make an internal connection to GitLab with a deployed Insight Point.
- Name: Friendly name for the GitLab deployment.
- URL: GitLab URL for the connection. Use https://gitlab.com for SaaS or specify URL for self-managed GitLab.
- Access Token: Integration Access Token.
Click Create Integration to save and enable the configuration.

Notes and supported entities

This connector creates the following entities to map applications and identities to permissions:

GitLab	Entity
deployment	GitLab Application
users	GitLab User
GitLab admin	GitLab Role
logged-in user	GitLab Role
project	GitLab Project Resource
group	GitLab Group

GitLab

Entity

deployment

GitLab Application

users

GitLab User

GitLab admin

GitLab Role

logged-in user

GitLab Role

project

GitLab Project Resource

group

GitLab Group

GitLab groups are represented both as a Group for User membership and as a Group Resource to show user's role in the group and associated permissions (such as Developer, Owner, Guest).

Attributes

Entity Property Values

Entity	Property	Values
User	`email`	Email address for user if available
User	`bot`	Boolean for bot users*
User	`gitlab_id`	Unique GitLab user ID number
User	`is_licensed`	State of GitLab license usage
User	`state`	Account state `active`, `blocked`, `deactivated`
User	`is_active`	True if account state is `active`
User	`created_at`	Time user account was created
User	`last_login_at`	Time of last user login to GitLab*
Project	`visibility`	Project visibility, `private`, `internal`, `public`
Project	`gitlab_id`	Unique GitLab project ID number

User

email

Email address for user if available

User

bot

Boolean for bot users*

User

gitlab_id

Unique GitLab user ID number

User

is_licensed

State of GitLab license usage

User

state

Account state active, blocked, deactivated

User

is_active

True if account state is active

User

created_at

Time user account was created

User

last_login_at

Time of last user login to GitLab*

Project

visibility

Project visibility, private, internal, public

Project

gitlab_id

Unique GitLab project ID number

Limitations

Attributes above marked with * are only available on self-hosted with an admin token
Does not currently process external users

PreviousGitHub NextHashiCorp Vault

Last updated 3 months ago