stack twitter tryhackme rss linkedin cross

Wilco van Esch

Skip to main content

Search results

    Manage access to GitLab projects

    In GitLab, the following is how you set permissions for a repo.


    You can divide your team or organisation into groups and subgroups. For example, you could have a group called weyland-yutani, with subgroups weyland-yutani/marketing and weyland-yutani/external.

    This works as follows:

    • If you invite a subgroup to a project, access to that project is extended to members in the subgroup and the parent group.
    • If you add a member to a subgroup, they gain access to projects assigned to the subgroup, but not to projects assigned only the parent group.
    • Why not create more groups instead of subgroups? Firstly because groups are GitLab-wide. You cannot use group names which another organisation uses. Secondly, you wouldn’t be able to inherit members from the parent group, you’d have to manage those members separately.

    If you want to give access to one or more people:

    Giving access to a repo

    For each individual:

    1. Go to Groups
    2. Select the group or subgroup for editing (cog icon)
    3. Go to Members
    4. Ensure you’re on the Invite member tab and:
      1. Enter their GitLab username, GitHub username, or email address
      2. Choose the appropriate permission role (roles explained below)
      3. Hit Invite

    If you only added people to the main group, they’ve already been added to each project in the space, in which case the following steps are not needed.

    For each project:

    1. Go to Projects -> Your projects
    2. Go to the project (hit the linked project name)
    3. Go to Settings -> Members
    4. Go to the Invite group tab and:
      1. Select the group or subgroup
      2. Select the maximum permission role they should have (roles explained below)
      3. Hit Invite



    Role Can Cannot
    Guest View basic project details Leave comments or create issues on private projects
    Reporter Create issues, manage labels, see merge requests Create branches or push to branches.
    Developer Create branches, create merge requests, cancel and retry jobs Push to a protected branch
    Maintainer Can push to a protected branch, can add members, can manage CI/CD Transfer/remove projects
    Owner Transfer/remove projects Fly, become invisible, stop time

    More detail can be found in the Permissions section of the GitLab Docs.