The following page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features or functionality remain at the sole discretion of GitLab Inc.
Stage | Govern |
Maturity | Minimal |
Content Last Reviewed | 2024-02-08 |
This direction page describes GitLab's plans for the permissions category that covers both default roles and custom roles. This page belongs to the Authorization group and is maintained by the Product Manager, Joe Randazzo.
This direction page is a work in progress, and everyone can contribute:
The Permissions category has primarily been driven by default roles that include Guest, Reporter, Developer, Maintainer, and Owner. These permissions can be scoped to resources including groups, users, protected objects, and tokens. More recently, the release of custom roles has supported organizations that require strict permissions across various resources in GitLab.
The Permissions category does not include Login, SAML, LDAP, Enterprise Users, User Management, or Tokens. These features can be found in the Authentication group.
We want to help organizations by delivering controls that enable separation of duties and secure their SDLC within the GitLab Platform. While default roles can help 80% of organizations, another 20% operate in regulated environments that need tighter restrictions on resources in the platform. To achieve this, custom roles will fill the gap as a way to define RBAC and ensure granular permissions on resources. The driving principles around Authorization include:
In FY25, we are planning to focus on the following Product Themes:
Drive Use Case Adoption to Fully Realize Value:
While security and governance drive value in Ultimate, custom roles and flexibility of permissions play a key role in adoption.
Default roles are available for all tiers while free Guest users are for the Ultimate tier only.
Custom roles serve the needs of Large Enterprise customers, Mid-Market customers, and those who operate in regulated industries such as Financial, Healthcare, or Public Sector. This feature is available for the Ultimate tier only.