Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Custom Roles for Organizational Permissions #586

Closed
github-product-roadmap opened this issue Sep 14, 2022 · 2 comments
Closed

Custom Roles for Organizational Permissions #586

github-product-roadmap opened this issue Sep 14, 2022 · 2 comments
Labels
enterprise administration Feature: Enterprise server administration Enterprise Product SKU: GitHub Enterprise ga Feature phase: Generally available GHES 3.14 GHES 3.14 identity Feature: Github identity shipped Shipped

Comments

@github-product-roadmap
Copy link
Collaborator

github-product-roadmap commented Sep 14, 2022

Summary

Enterprise customers will have the ability to craft custom organization level roles from fine grained permissions. This will work in a similar way to the existing Custom Repository Roles feature. Admins will be able to create custom roles at the organizational layer, which grant permissions on both the organization (e.g. creating a GitHub app) and the repo level (viewing code).

Intended Outcome

Organizational admins can delegate organizational responsibilities and privileges safely, reducing the number of admins in an organization. This allows the creation of :

  • CI/CD admins
  • Invitation and membership admins
  • Security managers
  • Auditors

Admins can also grant org-wide permissions on repos, ensuring that teams with cross-cutting responsibilities can easily and automatically have the permissions they need to get their work done (for example, giving a security team read permissions on all repos).

How will it work?

The organization owner role will continue to exist, but organizations can now create custom roles that exist in between member and owner. These roles can be assigned to both users and teams inside the organization. The roles can contain both organization permissions (the ability to make a change to the organization) and repository permissions (the ability to interact with all of the repos in the organization).

@github github locked and limited conversation to collaborators Sep 14, 2022
@github-product-roadmap github-product-roadmap added admin-cloud preview Feature phase: Preview Enterprise Product SKU: GitHub Enterprise labels Sep 14, 2022
@ankneis ankneis moved this to Q4 2022 – Oct-Dec in GitHub Public Roadmap Sep 14, 2022
@ankneis ankneis moved this from Q4 2022 – Oct-Dec to Q1 2023 – Jan-Mar in GitHub Public Roadmap Nov 16, 2022
@ankneis ankneis added enterprise administration Feature: Enterprise server administration and removed admin-cloud labels Jan 6, 2023
@github-product-roadmap github-product-roadmap added identity Feature: Github identity and removed GHES 3.10 labels Apr 10, 2023
@ankneis ankneis moved this from Q1 2023 – Jan-Mar to Q2 2023 – Apr-Jun in GitHub Public Roadmap Apr 10, 2023
@ankneis ankneis added ga Feature phase: Generally available and removed preview Feature phase: Preview labels Oct 2, 2023
@ankneis ankneis moved this from Q2 2023 – Apr-Jun to Q4 2023 – Oct-Dec in GitHub Public Roadmap Oct 2, 2023
@ankneis ankneis added shipped Shipped GHES 3.13 GHES 3.13 labels Jan 9, 2024
@github-product-roadmap github-product-roadmap added GHES 3.14 GHES 3.14 and removed GHES 3.13 GHES 3.13 labels Jun 26, 2024
@ankneis
Copy link
Collaborator

ankneis commented Aug 23, 2024

This has shipped with GHES 3.14: https://docs.github.com/en/[email protected]/admin/release-notes!

@ankneis ankneis closed this as completed Aug 23, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enterprise administration Feature: Enterprise server administration Enterprise Product SKU: GitHub Enterprise ga Feature phase: Generally available GHES 3.14 GHES 3.14 identity Feature: Github identity shipped Shipped
Projects
Status: No status
Development

No branches or pull requests

2 participants