Skip to main content

Getting started with GitHub Enterprise Cloud

Get started with setting up and managing your GitHub Enterprise Cloud organization or enterprise account.

This guide will walk you through setting up, configuring and managing your GitHub Enterprise Cloud account as an organization or enterprise owner.

免费试用 GitHub Enterprise Cloud

Part 1: Choosing your account type

GitHub provides two types of Enterprise products:

  • GitHub Enterprise Cloud
  • GitHub Enterprise Server

The main difference between the products is that GitHub Enterprise Cloud is hosted by GitHub, while GitHub Enterprise Server is self-hosted.

With GitHub Enterprise Cloud, you have the option of using 企业托管用户. 企业托管用户 is a feature of GitHub Enterprise Cloud that provides even greater control over enterprise members and resources. With 企业托管用户, all members are provisioned and managed through your identity provider (IdP) instead of users creating their own accounts on GitHub Enterprise Cloud. Team membership can be managed using groups on your IdP. 托管用户 are restricted to their enterprise and are unable to push code, collaborate, or interact with users, repositories, and organizations outside of their enterprise. For more information, see "About 企业托管用户."

If you choose to let your members create and manage their own personal accounts instead, there are two types of accounts you can use with GitHub Enterprise Cloud:

  • A single organization account
  • An enterprise account that contains multiple organizations

1. Understanding the differences between an organization account and enterprise account

Both organization and enterprise accounts are available with GitHub Enterprise Cloud. An organization is a shared account where groups of people can collaborate across many projects at once, and owners and administrators can manage access to data and projects. An enterprise account enables collaboration between multiple organizations, and allows owners to centrally manage policy, billing and security for these organizations. For more information on the differences, see "Organizations and enterprise accounts."

If you choose an enterprise account, keep in mind that some policies can be set only at an organization level, while others can be enforced for all organizations in an enterprise.

Once you choose the account type you would like, you can proceed to setting up your account. In each of the sections in this guide, proceed to either the single organization or enterprise account section based on your account type.

Part 2: Setting up your account

To get started with GitHub Enterprise Cloud, you will want to create your organization or enterprise account and set up and view billing settings, subscriptions and usage.

Setting up a single organization account with GitHub Enterprise Cloud

1. About organizations

Organizations are shared accounts where groups of people can collaborate across many projects at once. With GitHub Enterprise Cloud, owners and administrators can manage their organization with sophisticated user authentication and management, as well as escalated support and security options. For more information, see "About organizations."

2. Creating or upgrading an organization account

To use an organization account with GitHub Enterprise Cloud, you will first need to create an organization. When prompted to choose a plan, select "Enterprise". For more information, see "Creating a new organization from scratch."

Alternatively, if you have an existing organization account that you would like to upgrade, follow the steps in "Upgrading your GitHub subscription."

3. Setting up and managing billing

When you choose to use an organization account with GitHub Enterprise Cloud, you'll first have access to a 30-day trial. If you don't purchase GitHub Enterprise or GitHub Team before your trial ends, your organization will be downgraded to GitHub Free and lose access to any advanced tooling and features that are only included with paid products. For more information, see "Finishing your trial."

Your organization's billing settings page allows you to manage settings like your payment method and billing cycle, view information about your subscription, and upgrade your storage and GitHub Actions minutes. For more information on managing your billing settings, see "Managing your GitHub billing settings."

Only organization members with the owner or billing manager role can access or change billing settings for your organization. A billing manager is a user who manages the billing settings for your organization and does not use a paid license in your organization's subscription. For more information on adding a billing manager to your organization, see "Adding a billing manager to your organization."

Setting up an enterprise account with GitHub Enterprise Cloud

To get an enterprise account created for you, contact GitHub's Sales team.

1. About enterprise accounts

An enterprise account allows you to centrally manage policy and settings for multiple GitHub organizations, including member access, billing and usage and security. For more information, see "About enterprise accounts."

2. Adding organizations to your enterprise account

You can create new organizations to manage within your enterprise account. For more information, see "Adding organizations to your enterprise."

Contact your GitHub sales account representative if you want to transfer an existing organization to your enterprise account.

3. Viewing the subscription and usage for your enterprise account

You can view your current subscription, license usage, invoices, payment history, and other billing information for your enterprise account at any time. Both enterprise owners and billing managers can access and manage billing settings for enterprise accounts. For more information, see "Viewing the subscription and usage for your enterprise account."

Part 3: Managing your organization or enterprise members and teams with GitHub Enterprise Cloud

Managing members and teams in your organization

You can set permissions and member roles, create and manage teams, and give people access to repositories in your organization.

1. Managing members of your organization

您可以邀请任何人成为您组织的成员,只要他们在 GitHub 上拥有个人帐户。 您还可以移除成员并恢复以前的成员。 更多信息请参阅“管理组织中的成员资格”。

2. Organization permissions and roles

组织中的每个人都有一个角色,用于定义他们对组织的访问级别。 成员角色是默认角色,您可以分配所有者和帐单管理员角色以及“团队维护者”权限。 更多信息请参阅“组织中的角色”。

3. About and creating teams

团队是组织成员的组,您可以创建这些组以反映具有级联访问权限和提及的公司或组的结构。 组织成员可以向团队发送通知或请求审阅,并且团队可以是可见的或机密的。 更多信息请参阅“关于团队”。

您可以创建独立团队或拥有多个级别的嵌套团队,以反映您的组或公司的层次结构。 更多信息请参阅“创建团队”。

4. Managing team settings

您可以指定“团队维护者”来管理团队设置和讨论,以及其他权限。 更多信息请参阅“将团队维护者角色分配给团队成员”。

您可以在团队的设置中管理团队的代码审阅分配、更改团队可见性、管理团队的计划提醒等。 更多信息请参阅“将员组织成团队”。

5. Giving people and teams access to repositories, project boards and apps

您可以向组织成员、团队和外部协作者授予对具有存储库角色的组织拥有的存储库不同级别的访问权限。 更多信息请参阅“组织的仓库角色”。

您还可以自定义对组织项目板的访问权限,并允许各个组织成员管理组织的 GitHub 应用程序。 更多信息请参阅“管理对组织项目板的访问”和“管理对组织应用程序的访问”。

Managing members of an enterprise account

Managing members of an enterprise is separate from managing members or teams in an organization. It is important to note that enterprise owners or administrators cannot access organization-level settings or manage members for organizations in their enterprise unless they are made an organization owner. For more information, see the above section, "Managing members and teams in your organization."

If your enterprise uses 企业托管用户, your members are fully managed through your identity provider. Adding members, making changes to their membership, and assigning roles is all managed using your IdP. For more information, see "About 企业托管用户."

If your enterprise does not use 企业托管用户, follow the steps below.

1. Assigning roles in an enterprise

By default, everyone in an enterprise is a member of the enterprise. There are also administrative roles, including enterprise owner and billing manager, that have different levels of access to enterprise settings and data. For more information, see "Roles in an enterprise."

2. Inviting people to manage your enterprise

You can invite people to manage your enterprise as enterprise owners or billing managers, as well as remove those who no longer need access. For more information, see "Inviting people to manage your enterprise."

You can also grant enterprise members the ability to manage support tickets in the support portal. For more information, see "Managing support entitlements for your enterprise."

3. Viewing people in your enterprise

To audit access to enterprise-owned resources or user license usage, you can view every enterprise administrator, enterprise member, and outside collaborator in your enterprise. You can see the organizations that a member belongs to and the specific repositories that an outside collaborator has access to. For more information, see "Viewing people in your enterprise."

Part 4: Managing security with GitHub Enterprise Cloud

Managing security for a single organization

You can help keep your organization secure by requiring two-factor authentication, configuring security features, reviewing your organization's audit log and integrations, and enabling SAML single sign-on and team synchronization.

1. Requiring two-factor authentication

您可以查看您的组织成员是否启用了双重身份验证,并选择在您的组织中要求双重身份验证。 更多信息请参阅“您的组织中需要双重身份验证”。

2. Configuring security features for your organization

为保持 您的组织 安全,您可以使用各种 GitHub 安全功能,包括安全策略、依赖关系图、秘密扫描以及 Dependabot 安全和版本更新。 更多信息请参阅“保护组织”和“管理组织的安全和分析设置”。

3. Reviewing your organization's audit log and integrations

组织的审核日志允许您作为组织所有者查看组织成员在本月和前六个月内执行的操作。 更多信息请参阅“查看组织的审核日志”。

您还可以查看和配置组织已安装集成的权限级别。 更多信息请参阅“>审查组织已安装的集成”。

4. Enabling and enforcing SAML single sign-on for your organization

If you manage your applications and the identities of your organization members with an identity provider (IdP), you can configure SAML single-sign-on (SSO) to control and secure access to organization resources like repositories, issues and pull requests. When members of your organization access organization resources that use SAML SSO, GitHub will redirect them to your IdP to authenticate. For more information, see "About identity and access management with SAML single sign-on."

Organization owners can choose to disable, enable but not enforce, or enable and enforce SAML SSO. For more information, see "Enabling and testing SAML single sign-on for your organization" and "Enforcing SAML single sign-on for your organization."

5. Managing team synchronization for your organization

Organization owners can enable team synchronization between your identity provider (IdP) and GitHub to allow organization owners and team maintainers to connect teams in your organization with IdP groups. For more information, see "Managing team synchronization for your organization."

Managing security for an 具有托管用户的企业

With 企业托管用户, access and identity is managed centrally through your identity provider. Two-factor authentication and other login requirements should be enabled and enforced on your IdP.

1. Enabling and SAML single sign-on and provisioning in your 具有托管用户的企业

In an 具有托管用户的企业, all members are provisioned and managed by your identity provider. You must enable SAML SSO and SCIM provisioning before you can start using your enterprise. For more information on configuring SAML SSO and provisioning for an 具有托管用户的企业, see "Configuring SAML single sign-on for Enterprise Managed Users."

2. Managing teams in your 具有托管用户的企业 with your identity provider

You can connect teams in your organizations to security groups in your identity provider, managing membership of your teams and access to repositories through your IdP. For more information, see "Managing team memberships with identity provider groups."

3. Managing allowed IP addresses for organizations in your 具有托管用户的企业

You can configure an allow list for specific IP addresses to restrict access to assets owned by organizations in your 具有托管用户的企业. For more information, see "Enforcing policies for security settings in your enterprise."

4. Enforcing policies for Advanced Security features in your 具有托管用户的企业

如果您的企业帐户具有 GitHub Advanced Security 许可证,则可以对企业帐户拥有的组织实施策略来管理 GitHub Advanced Security 功能。 更多信息请参阅“在企业帐户实施高级安全策略”。

Managing security for an enterprise account without 托管用户

To manage security for your enterprise, you can require two-factor authentication, manage allowed IP addresses, enable SAML single sign-on and team synchronization at an enterprise level, and sign up for and enforce GitHub Advanced Security features.

1. Requiring two-factor authentication and managing allowed IP addresses for organizations in your enterprise account

Enterprise owners can require that organization members, billing managers, and outside collaborators in all organizations owned by an enterprise account use two-factor authentication to secure their personal accounts. Before doing so, we recommend notifying all who have access to organizations in your enterprise. You can also configure an allow list for specific IP addresses to restrict access to assets owned by organizations in your enterprise account.

For more information on enforcing two-factor authentication and allowed IP address lists, see "Enforcing policies for security settings in your enterprise."

2. Enabling and enforcing SAML single sign-on for organizations in your enterprise account

You can centrally manage access to your enterprise's resources, organization membership and team membership using your IdP and SAM single sign-on (SSO). Enterprise owners can enable SAML SSO across all organizations owned by an enterprise account. For more information, see "About identity and access management for your enterprise."

3. Managing team synchronization

You can enable and manage team synchronization between an identity provider (IdP) and GitHub to allow organizations owned by your enterprise account to manage team membership with IdP groups. For more information, see "Managing team synchronization for organizations in your enterprise account."

4. Enforcing policies for Advanced Security features in your enterprise account

如果您的企业帐户具有 GitHub Advanced Security 许可证,则可以对企业帐户拥有的组织实施策略来管理 GitHub Advanced Security 功能。 更多信息请参阅“在企业帐户实施高级安全策略”。

Part 5: Managing organization and enterprise level policies and settings

Managing settings for a single organization

To manage and moderate your organization, you can set organization policies, manage permissions for repository changes, and use organization-level community health files.

1. Managing organization policies

您可以管理组织中许多不同操作和功能的权限和策略。

例如,为了保护组织的数据,您可以限制在组织中创建存储库。 您还可以选择允许或阻止复刻您的组织拥有的私有仓库。 更多信息请参阅“限制组织中中的存储库创建”和“管理组织的复刻策略”。

有关可为组织配置的设置的完整列表,请参阅“管理组织设置”。

2. Managing repository changes

您可以配置在组织中创建、传输和删除存储库的权限,包括成员可以创建的类型。 更多信息请参阅“限制组织中的存储库创建”和“设置删除或传输存储库的权限”。

您还可以限制或授予更改存储库可见性的功能。 更多信息请参阅“限制组织的仓库可见性更改”。

3. Using organization-level community health files and moderation tools

您可以为组织创建默认的社区运行状况文件,例如 CONTRIBUTING.md 文件、CODE_OF_CONDUCT.md 文件,甚至是议题和拉取请求模板。 这些默认文件将用于您的组织拥有、不包含其自己的此类文件的任何存储库。 更多信息请参阅“创建默认社区健康文件”。

GitHub 提供了多种工具来审核和管理您的社区。 更多信息请参阅“用于主持社区的工具”。

Managing settings for an enterprise account

To manage and moderate your enterprise, you can set policies for organizations within the enterprise, view audit logs, configure webhooks, and restrict email notifications.

1. Managing policies for organizations in your enterprise account

You can choose to enforce a number of policies for all organizations owned by your enterprise, or choose to allow these policies to be set in each organization. Types of policies you can enforce include repository management, project board, and team policies. For more information, see "Setting policies for your enterprise."

2. Viewing audit logs, configuring webhooks, and restricting email notifications for your enterprise

You can view actions from all of the organizations owned by your enterprise account in the enterprise audit log. You can also configure webhooks to receive events from organizations owned by your enterprise account. For more information, see "Reviewing audit logs for your enterprise" and "Monitoring your enterprise."

You can also restrict email notifications for your enterprise account so that enterprise members can only use an email address in a verified or approved domain to receive notifications. For more information, see "Restricting email notifications for your enterprise."

Part 6: Customizing and automating your organization or enterprise's work on GitHub

Members of your organization or enterprise can use tools from the GitHub Marketplace, the GitHub API, and existing GitHub Enterprise Cloud features to customize and automate your work.

1. Using GitHub Marketplace

GitHub Marketplace contains integrations that add functionality and improve your workflow. You can discover, browse, and install free and paid tools, including GitHub 应用程序s, OAuth 应用程序s, and GitHub Actions, in GitHub Marketplace. For more information, see "About GitHub Marketplace."

2. Using the GitHub API

There are two versions of the GitHub API: the REST API and the GraphQL API. You can use the GitHub APIs to automate common tasks, back up your data, or create integrations that extend GitHub Enterprise Cloud. For more information, see "About GitHub's APIs."

3. Building GitHub Actions

With GitHub Actions, you can automate and customize GitHub.com's development workflow on GitHub Enterprise Cloud. You can create your own actions, and use and customize actions shared by the GitHub community. For more information, see "Learn GitHub Actions."

4. Publishing and managing GitHub Packages

GitHub Packages 是一种软件包托管服务,允许您私下或公开托管软件包,并将包用作项目中的依赖项。 更多信息请参阅“GitHub Packages 简介”。

5. Using GitHub Pages

GitHub Pages is a static site hosting service that takes HTML, CSS, and JavaScript files straight from a repository and publishes a website. You can manage the publication of GitHub Pages sites at the organization level. For more information, see "Managing the publication of GitHub Pages sites for your organization" and "About GitHub Pages."

Part 7: Participating in GitHub's community

Members of your organization or enterprise can use GitHub's learning and support resources to get the help they need. You can also support the open source community.

1. Reading about GitHub Enterprise Cloud on GitHub Docs

You can read documentation that reflects the features available with GitHub Enterprise Cloud. For more information, see "About versions of GitHub Docs."

2. Learning with GitHub Learning Lab

Members of your organization or enterprise can learn new skills by completing fun, realistic projects in your very own GitHub repository with GitHub Learning Lab. Each course is a hands-on lesson created by the GitHub community and taught by the friendly Learning Lab bot.

For more information, see "Git and GitHub learning resources."

3. Supporting the open source community

GitHub 赞助者 允许您每月定期向设计、创建或维护您所依赖的开源项目的开发人员或组织付款。 更多信息请参阅“关于 GitHub 赞助者”。

4. Contacting GitHub 支持

GitHub 支持 可帮助您排除在使用 GitHub 时遇到的问题。 更多信息请参阅“关于 GitHub 支持”。

GitHub Enterprise Cloud allows you to submit priority support requests with a target eight-hour response time. For more information, see "GitHub Enterprise Cloud support."