Requirements for enabling Advanced Security products
To use GitHub Secret Protection, GitHub Code Security, or GitHub Advanced Security on private or internal repositories with unique active committers, you must have licenses available. The user-interface and options depend on how you pay for Advanced Security.
- Metered billing: by default, there is no limit on how many licenses you can consume. See GitHub Enterprise Cloud 설명서의 예산을 설정하여 요금제 제품에 대한 지출 제어 and 엔터프라이즈에 대한 코드 보안 및 분석을 위한 정책 적용 .
- Volume/subscription billing (GitHub Enterprise only): once the licenses you have purchased are all in use, you cannot enable GitHub Secret Protection, GitHub Code Security, or GitHub Advanced Security on additional repositories until you free up or buy additional licenses.
With security configurations, you can easily understand the license usage of repositories in your organization, as well as the number of available GitHub Secret Protection, GitHub Code Security, or GitHub Advanced Security licenses in your 엔터프라이즈. Additionally, if you need to make more licenses available to secure a high-impact repository, you can quickly disable GitHub Secret Protection, GitHub Code Security, or GitHub Advanced Security on private and internal repositories at scale.
To learn about licensing for GitHub Secret Protection, GitHub Code Security, and GitHub Advanced Security, see GitHub Advanced Security 라이선스 청구.
Understanding your license usage
-
GitHub의 오른쪽 위 모서리에서 프로필 사진을 클릭한 다음, Your organizations를 클릭합니다.
-
조직 이름에서 설정을 클릭합니다. "설정" 탭이 표시되지 않으면 드롭다운 메뉴를 선택한 다음 설정을 클릭합니다.
-
사이드바의 "Security" 섹션에서 Advanced Security 드롭다운 메뉴를 선택한 다음, Configurations를 클릭합니다.
-
In the "Apply configurations" section, your current license usage will be displayed. This screenshot shows metered usage. If you have bought a volume/subscription license, then the number of licenses available is also reported.
-
Optionally, to find specific repositories in your organization, filter the repository table. To learn more, see Filtering repositories in your organization using the repository table.
팁
For information about buying more volume/subscription licenses, see GitHub Advanced Security에 대한 볼륨 라이선스 관리.
Turning off Secret Protection or Code Security
The simplest way to turn off all Secret Protection or Code Security features for one or more repositories is to create a security configuration where the product is disabled at the top level. You can apply this custom configuration to repositories where you want to turn off paid features.
팁
Ensure that you give your custom configuration a very clear name, for example: "No Code Security" or "Secret Protection and Supply chain only" to avoid confusion.
For more information, see Creating a custom security configuration and Applying a custom security configuration.
To prevent future enablement of security features, we recommend you ask your enterprise administrator to set the enterprise account's Advanced Security policies so that:
- Advanced Security is not available.
- Repository administrators are not allowed to enable or disable Advanced Security features for their repositories. See 엔터프라이즈에 대한 코드 보안 및 분석을 위한 정책 적용.