0

We are trying VERY hard to come up with a method to apply security to all of our projects without having to add to each project individually. We have 1300 projects to migrate from other source control to hosted projects on VisualStudio.com.

How do you recommend adding security groups at the collection level to control 1300+ projects using inheritance.

Any pointers?

Wauna
  • 2,226
  • 2
  • 10
  • 11
  • Define what you mean when you say "projects". Are these individual applications, or portfolios of related applications? Do they share a common development team? – Daniel Mann Nov 07 '17 at 20:09
  • Hi Daniel, Thanks for responding. We are trying to have 4 common groups "Developers", "Dev Ops", "Testers", and "Project Leaders" who all have access to their various parts within VSTS. Each "project" is a code base in our other Source Code Systems and is being turned into a VSTS Project. It seems like we are required to set each of the these manually at the Project level. We are looking for a way to NOT have to open and configure each project we migrate to VSTS, but instead configure permissions once for all projects. – Wauna Nov 07 '17 at 20:41
  • Each of the 1,300 Source Code projects is an independent application deployed here. So each Project should have Developers working on CODE. Testers should have access to the TEST. DevOps access to BUILD & RELEASE, and Project Managers Access to Work Items. – Wauna Nov 07 '17 at 20:44
  • It sounds like each project is really a singular application or re-usable component. Is there a reason that you don't want to use a 1-> N relationship between projects and code base? There is no reason that you can't have 1 project with multiple git repositories, and it is typically preferred to set it up this way. – DenverDev Nov 08 '17 at 03:45

1 Answers1

0

In TFS/VSTS there are different levels or group/permission settings:

Refer to Permissions and groups in VSTS and TFS for details.

You need to set them based on your requirements accordingly to make the system working as expected. That means you have to set them separately and for each team project individually. We cannot achieve that by simply set it only on Collection Level.

Default permissions and access for VSTS and TFS for your reference.

However in VSTS we can crate groups (eg: Developers, Testers ...) and add users to the groups accordingly, also can add them to multiple projects during adding the users:

Manage Settings(gear icon) --> Users --> Add new users --> Enter the user eamil address --> select Access level --> Projects --> Add all --> set other options ... --> Add

enter image description here

Andy Li-MSFT
  • 28,712
  • 2
  • 33
  • 55