diff options
Diffstat (limited to 'doc/user/application_security/configuration/index.md')
| -rw-r--r-- | doc/user/application_security/configuration/index.md | 49 |
1 files changed, 40 insertions, 9 deletions
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md index fe21fdc1f15..c6584054894 100644 --- a/doc/user/application_security/configuration/index.md +++ b/doc/user/application_security/configuration/index.md @@ -5,14 +5,22 @@ group: Static Analysis info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Security Configuration **(ULTIMATE)** +# Security Configuration **(FREE)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. -> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4. -> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. **(ULTIMATE)** +> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4. **(ULTIMATE)** +> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4. **(ULTIMATE)** +> - A simplified version was made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/294076) in GitLab 13.9. **(FREE)** +> - It's [deployed behind a feature flag](../../feature_flags.md), disabled by default. +> - It's enabled on GitLab.com. +> - It's recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [enable it](#enable-or-disable-security-configuration). **(FREE SELF)** +> - It can be enabled or disabled for a single project. + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. -The Security Configuration page displays the configuration state of each security control in the -current project. +The Security Configuration page displays what security scans are available, links to documentation and also simple enablement tools for the current project. To view a project's security configuration, go to the project's home page, then in the left sidebar go to **Security & Compliance > Configuration**. @@ -20,10 +28,11 @@ then in the left sidebar go to **Security & Compliance > Configuration**. For each security control the page displays: - **Security Control:** Name, description, and a documentation link. -- **Status:** The security control's status (enabled, not enabled, or available). - **Manage:** A management option or a documentation link. -## Status +## Status **(ULTIMATE)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. The status of each security control is determined by the project's latest default branch [CI pipeline](../../../ci/pipelines/index.md). @@ -35,7 +44,7 @@ all security features are configured by default. For SAST, click **View history** to see the `.gitlab-ci.yml` file's history. -## Manage +## Manage **(ULTIMATE)** You can configure the following security controls: @@ -45,3 +54,25 @@ You can configure the following security controls: - Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui). - DAST Profiles - Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans). + +### Enable or disable Security Configuration **(FREE SELF)** + +Security Configuration is under development but ready for production use. +It is deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to enable it. + +NOTE: +This does not apply to GitLab Ultimate. + +To enable it: + +```ruby +Feature.enable(:secure_security_and_compliance_configuration_page_on_ce, Project.find(<project id>)) +``` + +To disable it: + +```ruby +Feature.disable(:secure_security_and_compliance_configuration_page_on_ce, Project.find(<project id>)) +``` |