In this article:
Roles and permissions to perform a backup
Users have different roles in GitLab repositories. There are Guest, Reporter, Developer, Maintainer, and Owner. Your permissions depend on which role you have.
Guest
Users with this role can't backup repositories. A viewing will also be unavailable.
Reporter
Backup is performed, but without:
- deployment keys
- hooks
- feature flags
- variables
User with role Reporter gets information, that backup for these metadata failed because repository permissions are insufficient.
Developer
Backup is finished, but without:
- deployment keys
- hooks
- variables
The user gets the information about this on the backup summary.
Maintainer has permission to backup all metadata.
Owner has all permissions too.
Roles and permissions to perform a restore
There are two types of the repositories restore:
- The restore to the account. The user with any role can do this restore.
- The restore to the group (subgroup):
- If the user isn’t a member of the group (subgroup), the repository is restored to the account.
- If the user is a member of the group (subgroup) with the role of Guest/Reporter/Developer, the restore is failed with the information on the restore summary “Insufficient group permissions (Maintainer access level is required)”.
- If the user is a member of the group with the role of Maintainer or Owner, the restore is finished correctly.
In conclusion, if you want to achieve the highest level of data security, you should have the Maintainer or Owner role.