Other Integrations & Connections

Connecting Vanta & GitLab Self-Managed instance

  • Updated

The GitLab integration allows you to connect both Cloud & Self-Managed types of GitLab instances. 

Prerequisites

  • Verify that you are an owner of the GitLab group you wish for Vanta to scan.
  • GitLab versions 16.x, 15.x and 14.x series are eligible for API v4 support

Procedure

  • From the left-hand navigation panel, select Integrations
  • Select the Available tab, and search for GitLab 
  • Select Connect
  • On the next page, select Self-Managed, then click next.

Screenshot 2024-01-22 at 5.08.42 pm.png

  • If you have IP restrictions enforced, allow Vanta's IP to access your GitLab instance. Vanta will access your infrastructure at the following CIDR range: 34.227.127.165/32
  • Enter the HTTPS URL for your GitLab instance. Note: The Self-Managed GitLab integration is only supported at a subdomain.
  • Click Next

Screenshot 2024-01-22 at 5.09.49 pm.png

Creating Vanta application in your GitLab instance

  • Create an application for Vanta to authenticate with your GitLab instance. This requires you to be the owner of the GitLab group you wish for Vanta to scan

  • From your GitLab Group dashboard, Settings, then select Applications.

Screenshot 2024-01-22 at 5.46.30 pm.png

  • Select Add New Application

Screenshot 2024-01-22 at 5.48.03 pm.png

  • Enter the information below to create the new application:
    • Name: Vanta

    • Redirect URI: https://api.vanta.com/auth/o/callback/gitlab

    • Confidential: checked

    • Scopes: read_api

    Screenshot 2024-01-22 at 5.26.58 pm.png

  • Click Save Application to generate the OAuth credentials.
  • Copy the Application ID and Secret.
    Note: Be sure to copy the Application ID and Secret and store them securely, as these details can not be reaccessed. Only select Continue once you have these copied and stored securely.

    Screenshot 2024-01-22 at 5.38.58 pm.png

  • Navigate back to the Vanta integration connection page, and paste the Application ID & Secret copied in the previous step.

Screenshot 2024-01-22 at 5.40.56 pm.png

  • Click Done
  • The page will redirect to GitLab to authorize the application. Click Authorize

Screenshot 2024-01-22 at 6.02.53 pm.png

  • When prompted select the Gitlab group you want Vanta to scan, then click Link GitLab account
    • Please note: Vanta is only able to connect and fetch one group and the subgroups beneath that for GitLab

Screenshot 2023-07-26 at 9.57.11 am.png

  • GitLab is now connected. 

Screenshot 2023-07-26 at 9.57.38 am.png