Onboard a GitLab App to SSPM
Table of Contents
Onboard a GitLab App to SSPM
Connect a GitLab App instance to SSPM to detect posture risks.
For SSPM to detect posture risks in your self-managed GitLab instance, you must
onboard your GitLab instance to SSPM. Through the onboarding process, SSPM connects
to a GitLab API and, through the API, scans your GitLab instance for misconfigured
settings. If there are misconfigured settings, SSPM suggests a remediation action
based on best practices.
SSPM gets access to your GitLab instance through an administrator access token.
During the onboarding process, SSPM prompts you for the access token and related
information about your GitLab instance.
To onboard your GitLab instance, you complete the following actions:
Collect Information for Connecting to Your GitLab Instance
To access your GitLab instance, SSPM requires the following information, which
you will specify during the onboarding process.
Item | Description |
|---|---|
Organization domain URL | A URL that uniquely identifies your organization's
self-managed GitLab instance. |
Admin access token | A generated character string that identifies a GitLab
administrator to the GitLab API. SSPM requires this access token
to authenticate to the API. ( Required Permissions )
The administrator must configure the token to have read
access to the API. |
As you complete the following steps, make note of the values of the items
described in the preceding table. You will need to enter these values during
onboarding to access your GitLab instance from SSPM.
- Create an administrator access token.
- Log in to your organization's self-managed GitLab instance as an administrator.
- Locate your profile icon and select .GitLab displays the User Settings page for the administrator account.
- In the left navigation pane of the User Settings page, selectAccess Tokens.
- Configure your access token by specifying a name and expiration date, and by selecting the permission scopes.(Required Permissions) You must configure the token to have read access to the API. To do this, select theread_apiscope.
- Create personal access token.GitLab displays your new personal access token.
- Copy the access token and paste it into a text file.Do not continue to the next step unless you have copied the administrator access token. You must provide this token to SSPM during the onboarding process.
- Identify your organization domain URL.To identify your organization domain URL, navigate to the login page for your organization's self-managed GitLab instance. Your organization domain URL appears after the "https://" scheme and before any backslash character. For example, https://<organization-name-URL>/users/sign_in.Make note of your organization domain URL. You will provide this information to SSPM during the onboarding process.
Connect SSPM to Your GitLab Instance
By adding a GitLab app in SSPM, you enable SSPM to connect to your self-managed
GitLab instance.
- From the Add Application page ( ), click the GitLab tile.
- Under posture security instances,Add Instanceor, if there is already an instance configured,Add Newinstance.
- Choose the option toLog in with Credentials.
- Enter the administrator access token and the organization domain URL.
- Connect.