Create and manage teams
A team is a group of people having access to the incidents occurring on a set of sources defined as the team's perimeter.
Only workspaces under Business plan can create and use teams.
Creating a team
Only Managers can create teams within the workspace.
- Navigate to Settings > Teams.
- In the top-right-hand corner of the page, click on Create team.
- Define the name of the team and give it a description.
Add teammates to your team
You can add as many teammates you want to a team. Remember that Restricted cannot be added to teams.
- Within your team page, go to Teammates panel.
- Click on Add teammates.
Define their incident permissions
For each teammate, you can define an incident permissions which will define the default level of permission they will automatically have on all incidents that have occurred and will occur on sources belonging to the perimeter of the team and therefore for which he will have access.
- Can view: they can only view team incidents.
- Can edit: they can resolve, ignore, comment and be assigned on team incidents.
- Full access: they have the "Can edit" permissions, plus the ability to share team incidents within the workspace or publicly.
When added to a team, a workspace Manager has unmodifiableFull accessincident permissions by default.
For more details about incident permissions, read the dedicated documentation.
Define their team permissions
For each teammate, you can define the team permission:
- Cannot manage: they cannot change team settings or manage teammates.
- Can manage: they can manage teammates (add/remove/accept or decline team requests). They can manage team settings and even delete the team.
When added to a team, a workspace Manager has unmodifiablecan manageteam permissions by default.
By default, a teammate with the Member role and can manage team permission can invite new users to the workspace by adding them to their team.
This behavior can be deactivated via a workspace setting. Please refer to this page for more details.
A teammate with role Member and can manage team permission won't be able to configure the team perimeter.
For security reasons, configuration of the team perimeter can only be done by a workspace Manager.
Configure team perimeter
The perimeter of the team is a set of sources (GitHub repositories, GitLab projects, etc...) for which the team will have access to all the incidents that have occurred there and will occur there.
Adding sources to the perimeter
- Within your team page, go to Perimeter panel.
- Click on Add sources.
- If you have multiple VCS integrations, select the VCS you want to add sources from.
- Select the repositories you want to add the team perimeter and click on Add sources.
For security reasons, configuration of the team perimeter can only be done by a workspace Manager.
Indeed, the addition of new sources to the perimeter of the team has very significant implications since it allows access to all the incidents that have occurred on these new sources. This is why only people with the highest privileges, workspace managers, can perform this action.
About source nodes addition and others important things to know
Few things you should be aware of when configuring the perimeter:
- If you select an entire node of sources (eg: a GitHub organization, a GitLab group, a Bitbucket project):
- all the existing sources contained in this node will obviously be added to the perimeter of the team,
- but also the future sources of this node will automatically be added to the team perimeter.
- If you select all the nodes of the VCS integration (eg: all the GitHub organizations you have integrated), GitGuardian assumes you want to monitor the VCS integration as a whole. Future nodes will automatically be added to the team perimeter (eg: future GitHub organizations you will integrate).
- a source can belong to multiple teams.
Removing sources from the perimeter
- Within your team page, go to Perimeter panel.
- Click on the bin icon and confirm your action.
If you want to be more specific, you can also click on the cog icon to open the configuration modal and edit the perimeter of the team - add and remove sources - by checking or unchecking the sources of your choice and confirming your action.
Requesting access to a team
People with the role of Member must request access to join a team. In order to request access:
- Navigate to Settings > Teams.
- To the right of the team's name, click on Request access.
- An email is then sent to teammates with
Can manageteam permissions notifying this new request. If there are no teammates withCan manageteam permissions, the email is sent to workspace managers.
Members can cancel their own team requests at any time.
Teammates with "Can manage" team permissions can review team requests on the team page and decide whether to accept or decline them. The Member who made the request will be informed by email of the decision.
Workspace Managers have the ability to visit, join, accept or decline team requests, and leave any teams present on the Workspace, even if they are not part of it.
Add alerting integrations to a team
This feature is currently in beta testing. If you're interested in trying it out, kindly get in touch with your account manager.
As a workspace Manager you can manage alerting integrations for any team from the Integration section.
As a Member with Can manage team permissions, you can create and modify alerting integration for your specific team.
Team-level alerting enable you to send alerts directly to each team's preferred communication channel, reducing unnecessary distractions for other team members. Team members will only receive alerts for incidents that require their attention and remediation.
If an incident already exist in an other team, and a new occurrence of this incident occurs in a repository attached to your team, you'll receive an alert - even if you've asked to be alerted only by new incident and not occurrences. This ensures you won't overlook any incident.
Each workspace has a default limitation of 1000 integrations for all the teams. If you need to increase this quota, please get in touch with your account manager.
Deleting a team
As a workspace Manager or a teammate with Can manage team permission, you can delete a team.
- Navigate to Settings > Teams.
- Visit the page of the team you want to delete and scroll down to the "Danger zone".
- Click on Delete team and confirm your action by typing the name of the team.
This action cannot be undone. All teammates will instantly lose access to incidents they were able to access because those incidents occurred within the team perimeter.
A specific team: The "All-incidents" team
What is the "All-incidents" team
In the team management feature within a GitGuardian workspace there is a particularity: the "All-incidents" team.
The "All-incidents" team is a team that exists by default on the workspace and which gives access to all the incidents of the workspace to the people who compose it. Consequently, there is no notion of perimeter within the "All-Incidents" team.
This team will usually bring together the people responsible for security at the global level of your organization (eg: CISOs).
The "All-incidents" team cannot be deleted.
How the "All-incidents" team articulates in with roles and plans
About roles:
- By default, all Managers in your workspace are part of the "All-incidents" team and cannot be withdrawn from it.
- That said, people with the Member role can also be part of the "All-Incidents" team (ex: security auditors).
- People with the Member role who are not part of the "All incidents" team cannot see it in the list of teams and therefore *cannot request access to it. A Member can only be part of the "All-incident" team if added manually by a Manager.
About plans:
- As the team management feature - and therefore the ability to have siloed views on incidents - is only allowed in the Business plan, any workspace under the Free plan works as if only the team "All-Incidents" was present.
- Thus, when switching from the Business plan to the Free plan (eg: end of contract or end of business trial), all people who are not part of the "All-incidents" team are considered deactivated.
Was this page helpful?
