« Blog Home

What are Custom Roles in GitLab?

GitLab offers default roles with predefined permissions for users within a project or group.
However, there’s also a feature called Custom Roles that provides more flexibility
and enables to tailor permission levels for task completion.

Custom roles are available in GitLab Ultimate Edition (Self-managed and SaaS) only.
Contact us (gitlab@almtoolbox.com) If you’d like to learn more about GitLab Ultimate or your need pricing quote.

Here’s a breakdown of Custom Roles in GitLab:

  • Purpose: Grant granular access control by letting you define custom roles and assign specific permissions to them. This allows you to tailor user access according to your organization’s needs.
  • Benefits:
    • Principle of Least Privilege: You can assign only the necessary permissions to each role, enhancing security.
    • Customization: Create roles that precisely match your project or group’s workflow.
  • Permissions vs Abilities: The terms are often used interchangeably. An “ability” refers to an action a user can perform, mapped to GitLab’s Declarative Policy abilities. “Permission” is the user-facing term for an ability.
  • Creating and Assigning: As of GitLab 16.7, you can create, remove, and manage custom roles directly through the user interface.

In essence, Custom Roles empower you to create a permission structure that aligns perfectly with your GitLab projects or groups, ensuring users have the right access to perform their tasks effectively.

Demo: Custom Roles creation via User Interface (UI)

Demo: Ultimate Guest can view code on private repositories via Custom Role

GitLab allows you to extend guest users in a way they can read code – see how:

Watch: Implementing Custom Roles and Granular Security Permissions with GitLab

Related Articles: