[2022-10-06]: Secret scanning: Enable at Enterprise level - [GA] (#30089)

Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Laura Coursen <lecoursen@github.com> Co-authored-by: Mariam <15mariams@github.com> Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
2022-10-06 22:17:35 +02:00 · 2022-10-06 22:17:35 +02:00 · ae862229f8
--- a/assets/images/enterprise/security/enterprise-security-and-analysis-disable-or-enable-all.png
+++ b/assets/images/enterprise/security/enterprise-security-and-analysis-disable-or-enable-all.png
--- a/assets/images/enterprise/security/enterprise-security-and-analysis-enable-or-disable-feature-checkbox.png
+++ b/assets/images/enterprise/security/enterprise-security-and-analysis-enable-or-disable-feature-checkbox.png
--- a/assets/images/enterprise/security/enterprise-security-and-analysis-enable-secret-scanning.png
+++ b/assets/images/enterprise/security/enterprise-security-and-analysis-enable-secret-scanning.png
--- a/content/admin/code-security/index.md
+++ b/content/admin/code-security/index.md
@ -3,6 +3,7 @@ title: Managing code security for your enterprise
 shortTitle: Manage code security
 intro: 'You can build security into your developers'' workflow with features that keep secrets and vulnerabilities out of your codebase, and that maintain your software supply chain.'
 versions:
+  ghec: '*'
  ghes: '*'
  ghae: '*'
 topics:
--- a/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/index.md
+++ b/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/index.md
@ -8,11 +8,14 @@ redirect_from:
  - /admin/configuration/configuring-advanced-security-features
  - /admin/advanced-security
 versions:
+  ghec: '*'
  ghes: '*'
+  ghae: '> 3.6'
 topics:
  - Enterprise
 children:
  - /enabling-github-advanced-security-for-your-enterprise
+  - /managing-github-advanced-security-features-for-your-enterprise
  - /configuring-code-scanning-for-your-appliance
  - /configuring-dependency-review-for-your-appliance
  - /configuring-secret-scanning-for-your-appliance
--- a/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
+++ b/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
@ -0,0 +1,48 @@
+---
+title: Managing GitHub Advanced Security features for your enterprise
+intro: 'You can control {% data variables.product.prodname_GH_advanced_security %} features that secure and analyze code across all organizations owned by your enterprise.'
+permissions: Enterprise owners can manage {% data variables.product.prodname_advanced_security %} features for organizations in an enterprise.
+versions:
+  feature: secret-scanning-enterprise-level
+type: how_to
+topics:
+  - Alerts
+  - Advanced Security
+  - Dependency graph
+  - Secret scanning
+  - Repositories
+shortTitle: Manage GitHub Advanced Security
+---
+
+## About management of {% data variables.product.prodname_advanced_security %} features
+
+You can use {% data variables.product.prodname_advanced_security %} features to harden security for the organizations in your enterprise. To streamline management of {% data variables.product.prodname_advanced_security %}, you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.
+
+{% ifversion ghes or ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."{% elsif ghae %}There is no charge for {% data variables.product.prodname_GH_advanced_security %} on {% data variables.product.prodname_ghe_managed %} during the beta release.{% endif %}
+
+If you have disallowed {% data variables.product.prodname_GH_advanced_security %} for an organization, that organization will not be affected by enabling a feature for all existing repositories or for all new repositories. For more information about disallowing {% data variables.product.prodname_GH_advanced_security %} for an organization, see "[Enforcing policies for Advanced Security in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-advanced-security-in-your-enterprise)."
+
+When you enable one or more security and analysis features for existing repositories, you will see any results displayed on {% data variables.product.prodname_dotcom %} within minutes.
+
+{% data reusables.security.security-and-analysis-features-enable-read-only %}
+
+## Managing {% data variables.product.prodname_advanced_security %} features
+
+{% data reusables.advanced-security.note-org-enable-uses-seats %}
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+1. In the left sidebar, click **Code security & analysis**. 
+1. Optionally, enable or disable a feature for all existing repositories.
+
+   - To the right of the feature, click **Disable all** or **Enable all**. {% ifversion ghes or ghec %}If the control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled, you have no available seats in your {% data variables.product.prodname_GH_advanced_security %} license.{% endif %}
+   
+   ![Screenshot of "Enable all" or "Disable all" buttons for "Configure security and analysis" features](/assets/images/enterprise/security/enterprise-security-and-analysis-disable-or-enable-all.png)
+
+   - To confirm the change, click **Enable/Disable all** or **Enable/Disable for eligible repositories**.
+   
+     ![Screenshot of button to enable feature for all the eligible repositories in the organization](/assets/images/enterprise/security/enterprise-security-and-analysis-enable-secret-scanning.png)
+
+1. Optionally, to enable or disable a feature automatically when new repositories are added, select the checkbox below the feature.
+   
+   ![Screenshot of a checkbox for enabling a feature for new repositories](/assets/images/enterprise/security/enterprise-security-and-analysis-enable-or-disable-feature-checkbox.png)
--- a/content/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories.md
+++ b/content/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories.md
@ -26,6 +26,14 @@ shortTitle: Configure secret scans

 You can enable {% data variables.product.prodname_secret_scanning_GHAS %} for any repository that is owned by an organization. Once enabled, {% data reusables.secret-scanning.secret-scanning-process %}

+{% ifversion secret-scanning-enterprise-level %}
+{% note %}
+
+**Note:** If your organization is owned by an enterprise account, an enterprise owner can also enable {% data variables.product.prodname_secret_scanning %} at the enterprise level. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)."
+
+{% endnote %}
+{% endif %}
+
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
--- a/data/features/secret-scanning-enterprise-level.yml
+++ b/data/features/secret-scanning-enterprise-level.yml
@ -0,0 +1,6 @@
+# Reference: #7526.
+# Secret scanning: Enable at Enterprise level
+versions:
+  ghec: '*'
+  ghes: '>=3.7'
+  ghae: '>=3.7'