## :fire: Problem Currently, accessing (pulling file through) the Maven virtual registry [requires](https://gitlab.com/gitlab-org/gitlab/-/blob/10dcc5932d5717b625259a316c94d9528ddd02e5/ee/app/policies/virtual_registries/policies/group_policy.rb#L22): 1. be an administrator _or_ 1. be a direct members of the top level group (`guest`) _or_ 1. be a direct member of one of the included projects. We would like to remove (3.). Before doing so, we're going to have a `Transition period`. This issue prepares everything for that. ## :fish: Transition period ~backend tasks: * Log users that are granted `read_virtual_registry` through rule (3.). Log transparently (eg. the access is still granted) the situation. ~frontend tasks: * Add an UI Banner in virtual registry pages announcing that (3.) will be removed from the requirements. Additional tasks: * Communicate this in the [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/543045).