Security Manager Engineering Implementation
# Overview

This epic tracks the implementation of the Security Manager role, a new member role that inherits from the Reporter role. The Security Manager role is designed to [insert purpose - e.g., "provide security teams with appropriate access to security-related features without requiring higher privilege levels"].

## Role Inheritance

- Base Role: Reporter
- Additional Permissions: https://gitlab.com/gitlab-org/gitlab/-/work_items/581129
- License Tier: [Free/Premium/Ultimate]

# Implementation Plan:

This work is broken down into focused, reviewable MRs with proper feature flag gating to ensure safe, incremental rollout:

1. Add Security Manager role infrastructure:
   - Add Security Manager environment variable and access value.
   - Add Security Manager model methods.
   - Add Security Manager GraphQL schema support.
   - Add Security Manager policy framework.
   - Expose the Security Manager in public APIs.
   - Add Security Manager frontend support.
2. Add the security manager role permissions:
   - Security Manager with Enhanced Group Security Permissions
   - Security Manager with Enhanced Project Security Permissions
3. Add Security Manager to user statistics
4. Promote the security manager role on the invite members page
5. Add documentation for the security manager role

## Key Principles:

- Incremental delivery: Each MR is independently reviewable and builds on the previous infrastructure.
- Feature flag gating: Proper gating controls throughout to enable safe testing and rollout.
- Early security review: The Security team is involved from the start to review changes as MRs are opened.
- Lessons learned: Incorporates feedback from the Planner role release to ensure smooth deployment.

## Testing Strategy:

The Security Manager role will be fully testable once all MRs are merged. Each component will be validated through:

- Code review during development
- Stakeholder testing in the staging environment
- AppSec review before production rollout
- Use this issue for test cases that need to be verified: https://gitlab.com/gitlab-org/gitlab/-/work_items/582716