How to override a Security Policy at the sub-group/project level

I am looking to implement the GitLab Security features by using the Security Policies at group level. But there are a few projects which don’t need them. As both the Group and Sub-Group Owner, I need to disable one Scan Execution Policy for a Project, but am not able to do it.

Can you please help me out? I just need to remove/disable/override a Security Policy created at Group/Sub-Group level. Thank you.

Hello @robin0011, welcome to the GitLab Forum, and thank you for your question and interest in the Scan Execution Policies feature.

Scan Execution Policies were designed to be additive to make sure policies are enforced and cannot be removed/disabled/overridden by developers.

I recommend keeping the policies that are for all projects in your group in a Security Policy Project for the Group, and having a separate Security Policy Project with policies applicable only to selected projects, assigning this Policy Project individually to each project. You can assign one Security Policy Project to multiple Projects.

We are planning to add a feature that should be helpful in your case: Limit Group/Workspace Policies to only Projects with Specified Compliance Framework Labels. With this feature you would be able to specify labels for your projects and policies that are applied only when a given project has a given label.

If you are on the Ultimate Plan, you can always contact our Support team to help you.

Thank you
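The layout recommended in the reply above, as an added example that is not part of the original thread and not GitLab's own configuration: two security policy projects, each holding its own `.gitlab/security-policies/policy.yml`. The policy project names, policy names and the scanners chosen are assumptions made for illustration.

```yaml
# File 1: .gitlab/security-policies/policy.yml in the policy project that is
# linked at GROUP level (hypothetical name: group-wide-policies).
# Everything here is enforced on every project in the group and cannot be
# switched off from inside a project, so keep only the true baseline here.
scan_execution_policy:
- name: Baseline secret detection        # constructed name
  description: Applies to all projects in the group.
  enabled: true
  rules:
  - type: pipeline
    branches:
    - "*"
  actions:
  - scan: secret_detection
---
# File 2: .gitlab/security-policies/policy.yml in a SEPARATE policy project
# (hypothetical name: selected-projects-policies). It is not linked to the
# group; it is assigned one by one to the projects that need these scans.
scan_execution_policy:
- name: SAST for selected projects       # constructed name
  description: Applies only to projects this policy project is assigned to.
  enabled: true
  rules:
  - type: pipeline
    branches:
    - main
  actions:
  - scan: sast
```

A project that should not run the second policy is never assigned the second policy project; because policies are additive, it still receives the group baseline from the first file.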