diff --git a/doc/README.md b/doc/README.md index 1cdb5bc7b4769d6ccff4e65885578babb0c42af9..c3db960514f76da8f44a16a93ef8544a40b9e18b 100644 --- a/doc/README.md +++ b/doc/README.md @@ -364,6 +364,7 @@ The following documentation relates to the DevOps **Secure** stage: | [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | | [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | | [Group Security Dashboard](user/application_security/security_dashboard/index.md#group-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. | +| [Instance Security Dashboard](user/application_security/security_dashboard/index.md#instance-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects you're interested in. | | [License Compliance](user/application_security/license_compliance/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. | | [Pipeline Security Dashboard](user/application_security/security_dashboard/index.md#pipeline-security-dashboard) **(ULTIMATE)** | View the security reports for your project's pipelines. | | [Project Security Dashboard](user/application_security/security_dashboard/index.md#project-security-dashboard) **(ULTIMATE)** | View the latest security reports for your project. | diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_link_v12_4.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_link_v12_4.png new file mode 100644 index 0000000000000000000000000000000000000000..e0e80810b082e068d00a3e13a44e97b0131cad6b Binary files /dev/null and b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_link_v12_4.png differ 
diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_with_projects_v12_7.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_with_projects_v12_7.png new file mode 100644 index 0000000000000000000000000000000000000000..ffd6b0bfae61e05eeac91489798364ef4ac30d11 Binary files /dev/null and b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_with_projects_v12_7.png differ diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md index bb2bf0b78060dc0b8a123446fa6b58d4128f4175..e9ae87ab44e7e7f3bbabf886fd40ad23e61521da 100644 --- a/doc/user/application_security/security_dashboard/index.md +++ b/doc/user/application_security/security_dashboard/index.md @@ -26,7 +26,7 @@ The Security Dashboard supports the following reports: ## Requirements -To use the group, project or pipeline security dashboard: +To use the instance, group, project or pipeline security dashboard: 1. At least one project inside a group must be configured with at least one of the [supported reports](#supported-reports). 
@@ -110,6 +110,31 @@ vulnerabilities are not included either. Read more on how to [interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities). +## Instance Security Dashboard + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6953) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.7. + +At the instance level, the Security Dashboard displays the vulnerabilities +present in all of the projects that you have added to it. + +You can access the Instance Security Dashboard from the menu +bar at the top of the page. Under **More**, select **Security**. + + + +### Adding projects to the dashboard + +To add projects to the dashboard: + +1. Click the **Edit dashboard** button on the Instance Security Dashboard page. +1. Search for and add one or more projects using the **Search your projects** field. +1. Click the **Add projects** button. + +Once added, the dashboard will display the vulnerabilities found in your chosen +projects. + + + ## Keeping the dashboards up to date The Security Dashboard displays information from the results of the most recent diff --git a/ee/app/controllers/security/application_controller.rb b/ee/app/controllers/security/application_controller.rb index ebab1169bf15ad9464f419770e631c3da0d528d0..d5719a2840240006794d81c78ee965df30009ccc 100644 --- a/ee/app/controllers/security/application_controller.rb +++ b/ee/app/controllers/security/application_controller.rb @@ -4,13 +4,13 @@ module Security class ApplicationController < ::ApplicationController before_action :authorize_read_security_dashboard! before_action do - push_frontend_feature_flag(:security_dashboard) + push_frontend_feature_flag(:security_dashboard, default_enabled: true) end private def authorize_read_security_dashboard! - render_404 unless Feature.enabled?(:security_dashboard) && + render_404 unless Feature.enabled?(:security_dashboard, default_enabled: true) && can?(current_user, :read_security_dashboard) end end 
diff --git a/ee/app/helpers/ee/dashboard_helper.rb b/ee/app/helpers/ee/dashboard_helper.rb index 5613edd7ddf77b9caebb6754f8fa3346c93485d4..d70d1bfdf4815b3a72f94ac6d5b938a5abe0452b 100644 --- a/ee/app/helpers/ee/dashboard_helper.rb +++ b/ee/app/helpers/ee/dashboard_helper.rb @@ -55,7 +55,7 @@ def get_dashboard_nav_links links << :operations end - if ::Feature.enabled?(:security_dashboard) && can?(current_user, :read_security_dashboard) + if ::Feature.enabled?(:security_dashboard, default_enabled: true) && can?(current_user, :read_security_dashboard) links << :security end end diff --git a/ee/changelogs/unreleased/6953-instance-security-dashboard-enable-flag-and-docs-ee.yml b/ee/changelogs/unreleased/6953-instance-security-dashboard-enable-flag-and-docs-ee.yml new file mode 100644 index 0000000000000000000000000000000000000000..702a0e0e22d65cccc3fc594e4e6a53725e57ffe6 --- /dev/null +++ b/ee/changelogs/unreleased/6953-instance-security-dashboard-enable-flag-and-docs-ee.yml @@ -0,0 +1,5 @@ +--- +title: Add Instance Security Dashboard feature +merge_request: 18008 +author: +type: added
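Review bot: In doc/README.md, the new Instance Security Dashboard row describes the scope as "all the projects you're interested in", which is vaguer than the wording this patch adds to index.md ("all of the projects that you have added to it"). Suggest aligning the row with that text, for example "View vulnerabilities in all the projects you have added to the dashboard.", so the table makes clear the scope is an explicit selection.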
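Review bot: In the Requirements hunk of security_dashboard/index.md, adding "instance" to the lead sentence leaves step 1 reading "At least one project inside a group must be configured with at least one of the supported reports", which is group-specific wording. The new Instance section says that dashboard covers "the projects that you have added to it", so step 1 should be reworded or split to say what the instance dashboard actually requires.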
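Review bot: In the new "Instance Security Dashboard" section of index.md, the note says the feature was introduced in 12.7, but one of the two images added by this patch is named instance_security_dashboard_link_v12_4.png while the other is instance_security_dashboard_with_projects_v12_7.png. Suggest renaming the first to a v12_7 suffix so both match the stated release. The section would also benefit from one sentence on who sees the **Security** entry under **More**, since dashboard_helper.rb in this patch only adds the link when can?(current_user, :read_security_dashboard) passes.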
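Review bot: In ee/app/controllers/security/application_controller.rb, with Feature.enabled?(:security_dashboard, default_enabled: true) the flag no longer hides these routes by default, so can?(current_user, :read_security_dashboard) in authorize_read_security_dashboard! becomes the effective gate, and no spec changes are visible in this patch. Suggest adding controller specs that assert render_404 both for a signed-in user without read_security_dashboard and for the flag explicitly disabled, so the fail-closed behaviour is pinned before the default flips.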
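Review bot: In ee/app/helpers/ee/dashboard_helper.rb, the condition in get_dashboard_nav_links repeats the same flag-plus-permission expression as the controller, and default_enabled: true now has to be kept in sync across three call sites (this one, push_frontend_feature_flag, and authorize_read_security_dashboard!). If one is missed when the flag is later changed or removed, the navigation can show a Security link that returns 404, or hide a page that is reachable. Suggest extracting a single shared predicate and calling it from both the helper and the controller.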
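Review bot: In the changelog entry, the title "Add Instance Security Dashboard feature" does not tell administrators that the security_dashboard flag now defaults to enabled, which is the behaviour change made by the Ruby hunks in this patch. Suggest a title that says the dashboard is enabled by default, so operators who had left the flag unset know the Security link and routes become visible to users with read_security_dashboard after upgrade.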