The following discussion from !156664 should be addressed: - [ ] @jwoodwardgl started a [discussion](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/156664#note_1958882296): (+2 comments) > Refactoring [this](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/156664#note_1958564768) I noticed that we actually don't validate the deploy key's user's membership when the access level is created, we only check that the deploy key has write access to the project. > > when a user creates this record. We have a validator to check if the deploy key has write access to the project but not that the deploy key user is a project member. If they aren't a project member during creation it's not a valid deploy key so we should add a validation error.