Skip to main content

Managing security managers in your organization

You can give your security team the least access they need to your organization by assigning a team to the security manager role.

Who can use this feature

Organization owners can assign the security manager role.

注: セキュリティ マネージャーロールはパブリック ベータ版であり、変更される可能性があります。

セキュリティ マネージャーは、Organization の所有者が Organization 内の任意の Team に割り当てることができる Organization レベルのロールです。 適用すると、Team のすべてのメンバーに、Organization 全体のセキュリティ アラートと設定を管理するためのアクセス許可と、Organization 内のすべてのリポジトリの読み取りアクセス許可が付与されます。

Permissions for the security manager role

Members of a team with the security manager role have only the permissions required to effectively manage security for the organization.

  • Read access on all repositories in the organization, in addition to any existing repository access
  • Write access on all security alerts in the organization
  • The ability to configure security settings at the organization level
  • The ability to configure security settings at the repository level

Additional functionality, including a security overview for the organization, is available in organizations that use GitHub Enterprise Cloud with Advanced Security. For more information, see the GitHub Enterprise Cloud documentation.

If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see "Managing team access to an organization repository" and "Managing teams and people with access to your repository."

Manage repository access UI with security managers

Assigning the security manager role to a team in your organization

You can assign the security manager role to a maximum of 10 teams in your organization.

  1. GitHub.com の右上隅にあるプロファイル写真をクリックし、 [自分の Organization] をクリックします。 プロファイル メニューの組織

  2. 組織の隣の [設定] をクリックします。 [設定] ボタン

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Under Security managers, search for and select the team to give the role. Each team you select will appear in a list below the search bar. Add security manager

Removing the security manager role from a team in your organization

Warning: Removing the security manager role from a team will remove the team's ability to manage security alerts and settings across the organization, but the team will retain read access to repositories that was granted when the role was assigned. You must remove any unwanted read access manually. For more information, see "Managing team access to an organization repository."

  1. GitHub.com の右上隅にあるプロファイル写真をクリックし、 [自分の Organization] をクリックします。 プロファイル メニューの組織

  2. 組織の隣の [設定] をクリックします。 [設定] ボタン

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Under Security managers, to the right of the team you want to remove as security managers, click . Remove security managers