diff --git a/defaults/main.yml b/defaults/main.yml
index 26a1a28..bb22398 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -83,6 +83,8 @@ gitlab_runner_runners:
     tags: []
     # Indicates whether this runner can pick jobs without tags.
     run_untagged: true
+    # Indicates whether this runner should only pick jobs from protected branches.
+    protected: false
     # Docker privileged mode
     docker_privileged: false
     # Runner Locked. When a runner is locked, it cannot be assigned to other projects
diff --git a/tasks/register-runner-container.yml b/tasks/register-runner-container.yml
index a33f6b0..3d2bda9 100644
--- a/tasks/register-runner-container.yml
+++ b/tasks/register-runner-container.yml
@@ -31,6 +31,9 @@
       {% if gitlab_runner.run_untagged|default(true) %}
       --run-untagged
       {% endif %}
+      {% if gitlab_runner.protected|default(false) %}
+      --access-level="ref_protected"
+      {% endif %}
       --executor '{{ gitlab_runner.executor|default("shell") }}'
       --limit '{{ gitlab_runner.concurrent_specific|default(0) }}'
       --output-limit '{{ gitlab_runner.output_limit|default(4096) }}'
diff --git a/tasks/register-runner-windows.yml b/tasks/register-runner-windows.yml
index 62f059c..319f648 100644
--- a/tasks/register-runner-windows.yml
+++ b/tasks/register-runner-windows.yml
@@ -33,6 +33,9 @@
     {% if gitlab_runner.run_untagged|default(true) %}
     --run-untagged
     {% endif %}
+    {% if gitlab_runner.protected|default(false) %}
+    --access-level="ref_protected"
+    {% endif %}
     --executor '{{ gitlab_runner.executor|default("shell") }}'
     {% if gitlab_runner.shell is defined %}
     --shell '{{ gitlab_runner.shell }}'
diff --git a/tasks/register-runner.yml b/tasks/register-runner.yml
index 520306e..31b1593 100644
--- a/tasks/register-runner.yml
+++ b/tasks/register-runner.yml
@@ -38,6 +38,9 @@
       {% if gitlab_runner.run_untagged|default(true) %}
       --run-untagged
       {% endif %}
+      {% if gitlab_runner.protected|default(false) %}
+      --access-level="ref_protected"
+      {% endif %}
       --executor '{{ gitlab_runner.executor|default("shell") }}'
       {% if gitlab_runner.shell is defined %}
       --shell '{{ gitlab_runner.shell }}'