While organization owners can create custom organization roles to control their users' access to the organization, we've found that there are common patterns that most organizations need. These roles will be built in to every GitHub organization, and available to all organizations, both enterprise and free, to provide a "batteries included" least-privilege setup.
We'll be adding new roles over time as features within GitHub add granular management. At launch, though, we'll have a set of five organization-wide base roles, which grant read, triage, write, maintain, or admin privileges against every repository in the organization. These can be assigned to organization members as well as organization teams.
Summary
While organization owners can create custom organization roles to control their users' access to the organization, we've found that there are common patterns that most organizations need. These roles will be built in to every GitHub organization, and available to all organizations, both enterprise and free, to provide a "batteries included" least-privilege setup.
We'll be adding new roles over time as features within GitHub add granular management. At launch, though, we'll have a set of five organization-wide base roles, which grant read, triage, write, maintain, or admin privileges against every repository in the organization. These can be assigned to organization members as well as organization teams.