Purpose

This policy defines the access levels and permissions granted to different roles within the organization's GitHub repositories. The goal is to ensure security, control, and accountability while enabling efficient collaboration.

Roles and Access Levels

The following roles are defined, each with specific access and permissions:

1. System Administrator

Access Level: Unrestricted

• Permissions:
  • Full administrative access to all organization repositories, settings, and configurations.
  • Manage user access, repository settings, and security configurations.
  • Approve and enforce security policies, branch protections, and compliance settings.

2. Security Administrator

Access Level: High

• Permissions:
  • Manage security-related configurations, including secrets management and vulnerability alerts.
  • Enforce security policies such as branch protections, code scanning, and audit logs.
  • No direct write access to repositories unless explicitly required.

3. Project Manager

Access Level: Manager

• Permissions:
  • Read and write access to all repositories within assigned projects.
  • Manage project boards, issues, and documentation.
  • No direct access to code or administrative settings.

4. Lead Engineer

Access Level: Elevated

• Permissions:
  • Full write access to assigned repositories.
  • Merge pull requests, manage branches, and approve code reviews.
  • Configure repository settings (excluding security and access control).

5. Senior Developer

Access Level: Moderate

• Permissions:
  • Write access to assigned repositories.
  • Submit and review pull requests.
  • Merge pull requests with approval from Lead Engineer or higher.

6. Junior Developer