A user wants to be able to create new rulesets. We're not sure how we should go about doing that #199317
-
🏷️ Discussion TypeQuestion 💬 Feature/Topic AreaOther BodyOne of our users has asked to be added to the Additionally, when I looked at one repo, I've worked a lot in, I see that it is possible to modify the Last question, what is commonly done by businesses here on GitHub? Is it a better practice to never grant the ability to create rulesets to a person who normally would be put into the |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
No, the default Maintain role does not allow a user to create or edit repository rulesets. Managing rulesets is a sensitive permission reserved strictly for the Admin role. In enterprise environments, granting full Admin access to a regular developer just to manage rulesets is considered a security risk, as it also allows them to delete or transfer the repository. Since you have a GitHub Enterprise license, the common and best practice here is to create a Custom Repository Role:
This gives them full capability to build and manage rulesets without giving them any destructive admin privileges or control over the repository's visibility. |
Beta Was this translation helpful? Give feedback.
No, the default Maintain role does not allow a user to create or edit repository rulesets. Managing rulesets is a sensitive permission reserved strictly for the Admin role.
In enterprise environments, granting full Admin access to a regular developer just to manage rulesets is considered a security risk, as it also allows them to delete or transfer the repository.
Since you have a GitHub Enterprise license, the common and best practice here is to create a Custom Repository Role: