# chainctl iam identities create gitlab

URL: https://edu.chainguard.dev/chainguard/chainctl/chainctl-docs/chainctl_iam_identities_create_gitlab.md
Last Modified: April 20, 2026
Tags: chainctl, Reference, Product

 chainctl iam identities create gitlab chainctl iam identities create gitlab NAME --project-path=GITLAB-GROUP/GITLAB-PROJECT --ref-type={tag|branch} [--ref=REF] [--parent=PARENT] [--description=DESC] [--role=ROLE,ROLE,...] [--output=id|json|table] Examples # Create a Gitlab CI identity for any branch in a given Gitlab project chainctl iam identities create gitlab my-gitlab-identity --project-path=my-group/my-project --ref-type=branch --parent=eng-org # Create a Gitlab CI identity for a given branch in a Gitlab project and bind to a role chainctl iam identities create gitlab my-gitlab-identity --project-path=my-group/my-project --ref-type=branch --ref=main --role=owner Options -d, --description string The description of the resource. -n, --name string Given name of the resource. --parent string The name or id of the parent location to create this identity under. --project-path string The name of a Gitlab project where the action executes in the form &#34;group-name/project-name[/foo/bar]&#34;. You can use a &#34;*&#34; for project-name (or sub-projects) to match any project in the group. --ref string The reference for the executing action. If left empty or &#34;*&#34;, all references will match. --ref-type string The type of reference for the executing action, must be either &#34;tag&#34; or &#34;branch&#34;. --role strings A comma separated list of names or IDs of roles to bind this identity to (optional). -y, --yes Automatic yes to prompts; assume &#34;yes&#34; as answer to all prompts and run non-interactively. Options inherited from parent commands --api string The url of the Chainguard platform API. (default &#34;https://console-api.enforce.dev&#34;) --audience string The Chainguard token audience to request. (default &#34;https://console-api.enforce.dev&#34;) --config string A specific chainctl config file. Uses CHAINCTL_CONFIG environment variable if a file is not passed explicitly. --console string The url of the Chainguard platform Console. (default &#34;https://console.chainguard.dev&#34;) --force-color Force color output even when stdout is not a TTY. -h, --help Help for chainctl --issuer string The url of the Chainguard STS endpoint. (default &#34;https://issuer.enforce.dev&#34;) --log-level string Set the log level (debug, info) (default &#34;ERROR&#34;) -o, --output string Output format. One of: [csv, env, go-template, id, json, markdown, none, table, terse, tree, wide] -v, --v int Set the log verbosity level. SEE ALSO chainctl iam identities create	- Create a new identity.