### Problem to solve We can only restrict the **global** visibility now according the [doc](https://docs.gitlab.com/ee/public_access/public_access.html#restricting-the-use-of-public-or-internal-projects). We need restrict the visibility at the group level not the global level. ### Further details In my compony, it is not allowed to create a project with the **public** visibility level. So the administrator just disabled it. However, we need mirror many golang packages from the Internet and all these repos should be accessed anonymously. As a result, we have to contact the administrator to reset these repos' visibility to **public**, _manually_. It is boring. ### Proposal I propose to support setting the restriction of visibility at the level of group. If this proposal was implemented, we could disallowed to create group with public visibility level. And we can only contact the administrator to create a public group manually. So we can create public repos in these public group. As we can not create group with public visibility level ourselves, all project created in our group will be restricted to internal or private. It will be a great convenience. ### What does success look like, and how can we measure that? The UI should be same with current global level restriction UI, but for groups only. ### Links / references