DOS6028

Group description should not be empty

DOS6028

GitLab organization Severitylow builtIn

Description

Top-level groups should carry a non-empty description so that compliance reviewers and onboarding members can understand the group's purpose without external context. An empty description is a sign of an unmanaged group that may also lack policy assignments and member governance.

Recommendation

1. Go to your top-level Group Settings > General. 
2. Expand the Naming, visibility section. 
3. Fill in the Group description field with at least one sentence describing the group's purpose, owner team, and data classification. 
4. Save changes.

Policy Rule

{
  "target": "GLGroup",
  "if": {
    "allOf": [
      {
        "resource": "GLGroup",
        "property": "Description",
        "operator": "notEquals",
        "value": ""
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
« DOS6027 DOS6029 »
Rule Details
  • Rule ID: DOS6028
  • Code: GL_Group_Description_Should_Not_Be_Empty
  • Platform: GitLab
  • Category: organization
  • Severity: Severitylow
  • Type: builtIn
Related Rules

Copyright © DevOps Shield. All Rights Reserved. Privacy Policy | Cookie Policy | Terms and Conditions | v1.0.2