Skip to main content

Gestionar a los administradores de seguridad en tu organización

Puedes otorgar a tu equipo de seguridad el menor grado de acceso que necesiten para configurar y controlar la seguridad del código para tu organización si asignas un equipo el rol de administrador de seguridad.

¿Quién puede utilizar esta característica?

Organization owners can assign the security manager role.

Note: The security manager role is in public beta and subject to change.

Security manager is an organization-level role that organization owners can assign to any team in an organization. When applied, it gives every member of the team permissions to view security alerts and manage settings for code security across your organization, as well as read permissions for all repositories in the organization.

Permissions for the security manager role

Members of a team with the security manager role have only the permissions required to effectively manage code security for the organization.

  • Read access on all repositories in the organization, in addition to any existing repository access
  • Write access on all security alerts in the organization
  • The ability to configure code security settings at the organization level
  • The ability to configure code security settings at the repository level

Additional functionality, including a security overview for the organization, is available in organizations that use GitHub Enterprise Cloud with Advanced Security. For more information, see the GitHub Enterprise Cloud documentation.

If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see "Managing team access to an organization repository" and "Managing teams and people with access to your repository."

Assigning the security manager role to a team in your organization

You can assign the security manager role to a maximum of 10 teams in your organization.

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

    Screenshot of the dropdown menu under @octocat's profile picture. "Your organizations" is outlined in dark orange.

  2. Next to the organization, click Settings.

  3. In the "Security" section of the sidebar, click Code security and analysis.

    Note

    If your organization is enrolled in the security configurations and global settings public beta, instead of "Code security and analysis", you will see a "Code security" dropdown menu. Select Code security, then click Global settings. For next steps on assigning the security manager role in your organization with global settings, see "Configuring global security settings for your organization."

  4. In the "Security managers" section, in the search field, search for and select the team to give the role. Each team you select will appear in a list below the search bar.

Removing the security manager role from a team in your organization

Warning: Removing the security manager role from a team will remove the team's ability to manage security alerts and settings across the organization, but the team will retain read access to repositories that was granted when the role was assigned. You must remove any unwanted read access manually. For more information, see "Managing team access to an organization repository."

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

    Screenshot of the dropdown menu under @octocat's profile picture. "Your organizations" is outlined in dark orange.

  2. Next to the organization, click Settings.

  3. In the "Security" section of the sidebar, click Code security and analysis.

    Note

    If your organization is enrolled in the security configurations and global settings public beta, instead of "Code security and analysis", you will see a "Code security" dropdown menu. Select Code security, then click Global settings. For next steps on managing the security manager role in your organization with global settings, see "Configuring global security settings for your organization." For detail on removing security managers, reference the following steps.

  4. Under Security managers, next to the team you want to remove as security managers, click .