Important! The content of this resource is provided -as is- for educational purposes and it is not part of GitHub's official documentation. For GitHub's Official Documentation, please visit GitHub Docs
Why GitHub Enterprise Cloud
GitHub Enterprise is built to enable organizations to innovate at scale. The Enterprise offering expands upon the GitHub Teams product to include numerous features across user management, AI, security, CI/CD, compliance, infrastructure management, InnerSourcing, and more.
This resource guide expands upon the Official GitHub Pricing page to enable links to dive deeper and include smaller features that couldn't fit in the main summary.
Every feature below is exclusive to GitHub Enterprise Cloud.
Scale Securely
| Feature | Description | Docs |
|---|---|---|
| SAML SSO Integration | Use an identity provider to manage the identities of GitHub users and applications. | Docs |
| SCIM | Implement SCIM to add, manage, and remove organization members' access to GitHub Enterprise Cloud via link to IdP (Supported IdPs: Azure AD, Okta, OneLogin). | Docs |
| Team Synchronization | Enable team synchronization between your IdP and GitHub Enterprise Cloud to allow organization owners and team maintainers to connect teams in your organization with IdP groups (Supported IdPs: Azure AD, Okta). | Docs |
| SOC 2 + FedRAMP Compliance | Platform security to ensure your team is operating on a fully-compliant platform for Audits, customers, etc. | SOC 2 + FedRamp |
| Audit Log API + Streaming | Programmatically retrieve enterprise events with the REST or GraphQL API. OR You can stream audit and Git events data from GitHub to an external data management system. | API / Stream |
| IP Address Disclosure in Audit Log Events | Display the source IP address for events in your enterprise's audit log. | Docs |
| Enterprise Managed Users | In the "Enterprise Managed User" user model: All users for a company organization are specifically created and maintained by the identity provider through SAML/SCIM. Overview of the 2 user management models. | Docs |
| Limit notifications to verified email domains | Prevent email notifications from being sent outside the organization’s authorized email domains for non EMU enterprises. | Docs |
| IP Allow List | Restrict access to your organization's private assets by configuring a list of IP addresses that are allowed to connect. | Docs |
| Dependency Insights | Dashboard providing visibility into all the dependencies and associated security advisories across your organization. | Docs |
| Security Overview | Security Overview provides a centralized view of risk for application security teams, engineering leaders, and developers. In the Security Overview dashboard you can see/filter code scanning, Dependabot, and secret scanning alerts across every repository you have access to. A GHAS license is required for code scanning / secret scanning in Private repositories. | Docs |
| Ability to Purchase GitHub Advanced Security | GitHub Advanced Security (GHAS) is a suite of capabilities for improving your application security posture. GHAS expands upon the base Dependabot (SCA) tools by adding Secret Scanning for Private Repositories, Push Protection for Secret Scanning, Code Scanning Platform, CodeQL (SAST), Security Overview, and Dependency Review. This suite of security features is designed to give you comprehensive SAST, Secret Scanning, and SCA coverage natively in GitHub with an emphasis on developer experience and automation. | Docs |
Scale with Collaboration Tools + InnerSourcing
| Feature | Description | Docs |
|---|---|---|
| Enterprise Account | A parent account type optimized for collaboration between interconnected organizations. Enables global administration, license management, and policy enforcement across multiple silo'ed organizations. | Docs |
| Internal Repos | All enterprise members have read permissions to the internal repository, but internal repositories are not visible to people outside of the enterprise. | Docs |
| Custom Roles | You can more granularly control access to your organization's repositories by creating custom repository roles. | Docs |
| Organizational Insights | You can use organization activity insights to help you better understand how members of your organization are using GitHub Enterprise Cloud to collaborate and work on code. | Docs |
| Private GitHub Pages | With access control for GitHub Pages, you can restrict access to your project site by publishing the site privately. A privately published site can only be accessed by people with read access to the repository the site is published from. (About GitHub Pages) | Docs |
Scale with AI
| Feature | Description | Docs |
|---|---|---|
| Ability to purchase Copilot Enterprise | Copilot Enterprise brings Copilot inside the Enterprise with features like: Copilot Chat trained on full repos and knowledge bases, Copilot generated Pull Request summaries, and more. | Docs |
Scale CI/CD + Infrastructure
| Feature | Description | Docs |
|---|---|---|
| Additional Free GitHub Hosted Actions Minutes | 3,000 (Teams) --> 50,000 free GitHub Hosted Actions minutes per month (Enterprise) | Docs |
| Restrict self-hosted runner groups to specific workflows | Restrict self-hosted runner groups to only be accessible from certain workflows. In addition to restricting which repositories can access specific enterprise and organization runner groups, administrators can further control access by selecting specific workflow files and versions. | Docs |
| GitHub Environments | Environments are used to describe a general deployment target like production, staging, or development. When a GitHub Actions workflow deploys to an environment, the environment is displayed on the main page of the repository. Deployment protection rules can be used to require specific conditions to pass before a job referencing the environment can proceed. |
Docs |
| Merge Queues for Private Repos | A Merge Queue can increase the rate at which pull requests are merged into a busy target branch while ensuring that all required branch protection checks pass. | Docs |
| Reusable Workflows | Host reusable GitHub Action workflows in internal repositories. Workflow reuse promotes best practice by helping you to use workflows that are well designed, have already been tested, and have been proven to be effective. Your Enterprise can build up a library of reusable workflows that can be centrally maintained. | Docs |
| Organization Rulesets | Scale branch protections and other Repository Rulesets across a subset of your repositories or your entire organization. | Docs |
| Additional Free GitHub Package Data Store | 2GB (Teams) --> 50GB free GitHub Packages Storage (Enterprise) | Docs |