GHAS enterprise policies: Update variable use and content to match UI (#55220)

Co-authored-by: Joe Clark <[email protected]>
Co-authored-by: Copilot <[email protected]>

Author: 3 people

assets/images/help/enterprises/select-advanced-security-individual-organization-policy-ghes-316.png

@@ -35,6 +35,22 @@ You can enforce policies to manage the use of security features within organizat
 
 Additionally, you can enforce policies for the use of {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %} in your enterprise's organizations and repositories.
 
+## Enforcing a policy for the availablity of {% data variables.product.prodname_AS %} in your enterprise's organizations
+
+{% data variables.product.github %} bills for {% data variables.product.prodname_AS %} products on a per-committer basis. See [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security#managing-committers-and-costs).
+
+You can enforce a policy that controls whether repository administrators are allowed to enable features for {% data variables.product.prodname_AS %} in an organization's repositories. You can configure a policy for all organizations owned by your enterprise account, or for individual organizations that you choose.
+
+Disallowing {% data variables.product.prodname_GH_cs_or_sp %} for an organization prevents repository administrators from enabling {% data variables.product.prodname_GH_cs_or_sp %} features for additional repositories, but does not disable the features for repositories where the features are already enabled.
+
+{% data reusables.enterprise.role-permission-hierarchy %}
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.policies-tab %}
+{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
+{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}
+{% data reusables.enterprise-accounts.advanced-security-individual-organization-policy-drop-down %}
+
 {% ifversion ghec %}
 
 ## Enforcing a policy for visibility of dependency insights
@@ -46,7 +62,7 @@ Across all organizations owned by your enterprise, you can control whether organ
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. Under "Dependency insights", review the information about changing the setting.
+1. In the "Policies" section, under "Dependency insights", review the information about changing the setting.
 1. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
 1. Under "Dependency insights", select the dropdown menu and click a policy.
 
@@ -63,32 +79,26 @@ Across all organizations owned by your enterprise, you can allow members with ad
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. Under "Enable or disable {% data variables.product.prodname_dependabot_alerts %} by repository admins", use the dropdown menu to choose a policy.
+1. In the "Policies" section, under "Enable or disable {% data variables.product.prodname_dependabot_alerts %} by repository admins", use the dropdown menu to choose a policy.
 
 {% endif %}
 
-## Enforcing a policy for the use of {% data variables.product.prodname_GH_advanced_security %} in your enterprise's organizations
+## Enforcing a policy to manage the use of {% data variables.product.prodname_AS %} features in your enterprise's repositories
 
-{% data reusables.advanced-security.about-ghas-organization-policy %}
-
-{% data reusables.enterprise.role-permission-hierarchy %}
+Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage the use of {% data variables.product.prodname_AS %} features in the repositories.
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "{% data variables.product.prodname_GH_advanced_security %} availability", select the dropdown menu and click a policy for the organizations owned by your enterprise.
-
-{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}
-{% data reusables.enterprise-accounts.advanced-security-individual-organization-policy-drop-down %}
-
-## Enforcing a policy to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in your enterprise's repositories
-
-Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in the repositories. {% data reusables.advanced-security.ghas-must-be-enabled %}
+{% ifversion ghas-products %}
+1. In the "Policies" section, under "Repository administrators can enable or disable `PRODUCT`", use the dropdown menu to define whether repository administrators can change the enablement of {% data variables.product.prodname_cs_and_sp %}.
+{% else %}
+1. In the "{% data variables.product.prodname_GHAS %} policies" section, under "Enable or disable {% data variables.product.prodname_GHAS %} by repository admins", select the dropdown menu and click a policy.
+{% endif %}
 
-{% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.policies-tab %}
-{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "Enable or disable {% data variables.product.prodname_GH_advanced_security %} by repository admins", select the dropdown menu and click a policy.
+{% ifversion ghas-products %}
+<!--This option is included automatically by the "Repository Admins can Enable or Disable Secret Protection" option, which is why this section is omitted for `ghas-products` versions.-->
+{% else %}
 
 ## Enforcing a policy to manage the use of {% data variables.product.prodname_secret_scanning %} in your enterprise's repositories
 
@@ -99,18 +109,20 @@ Across all of your enterprise's organizations, you can allow or disallow people
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "Enable or disable {% data variables.product.prodname_secret_scanning %} by repository admins", select the dropdown menu and click a policy.
+1. In the "Policies" section, under "Enable or disable {% data variables.product.prodname_secret_scanning %} by repository admins", select the dropdown menu and click a policy.
+
+{% endif %}
 
 {% ifversion secret-scanning-ai-generic-secret-detection %}
 
-## Enforcing a policy to manage the use of {% data variables.secret-scanning.generic-secret-detection %} for {% data variables.product.prodname_secret_scanning %} in your enterprise's repositories
+## Enforcing a policy to manage the use of AI detection for {% data variables.product.prodname_secret_scanning %} in your enterprise's repositories
 
-Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage and configure AI detection in {% data variables.product.prodname_secret_scanning %} for the repositories. {% data reusables.advanced-security.ghas-must-be-enabled %}
+Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage and configure AI detection in {% data variables.product.prodname_secret_scanning %} for the repositories. This policy only takes effect if repository administrators are also allowed to change enablement of {% data variables.product.prodname_secret_protection %} (controlled by the "Repository administrators can enable or disable Secret Protection" policy).
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "AI detection in {% data variables.product.prodname_secret_scanning %}", select the dropdown menu and click a policy.
+1. In the "Policies" section, under "AI detection in {% data variables.product.prodname_secret_scanning %}", select the dropdown menu and click a policy.
 
 {% endif %}
 
@@ -123,6 +135,6 @@ Across all of your enterprise's organizations, you can allow or disallow people
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
-1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "{% data variables.product.prodname_copilot_autofix_short %}", select the dropdown menu and click a policy.
+1. In the "Policies" section, under "{% data variables.product.prodname_copilot_autofix_short %}", select the dropdown menu and click a policy.
 
 {% endif %}

assets/images/help/enterprises/select-advanced-security-individual-organization-policy.png

@@ -1,5 +1,5 @@
-{% data variables.product.company_short %} bills for {% data variables.product.prodname_advanced_security %} on a per-committer basis. See [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security).
+{% data variables.product.github %} bills for {% data variables.product.prodname_AS %} products on a per-committer basis. See [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security#managing-committers-and-costs).
 
 You can enforce a policy that controls whether repository administrators are allowed to enable features for {% data variables.product.prodname_advanced_security %} in an organization's repositories. You can configure a policy for all organizations owned by your enterprise account, or for individual organizations that you choose.
 
-Disallowing {% data variables.product.prodname_advanced_security %} for an organization prevents repository administrators from enabling {% data variables.product.prodname_advanced_security %} features for additional repositories, but does not disable the features for repositories where the features are already enabled. For more information about configuration of {% data variables.product.prodname_advanced_security %} features, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization) or [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository).
+Disallowing {% data variables.product.prodname_GH_cs_or_sp %} for an organization prevents repository administrators from enabling {% data variables.product.prodname_GH_cs_or_sp %} features for additional repositories, but does not disable the features for repositories where the features are already enabled.

content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md

@@ -1,3 +1,11 @@
-1. Optionally, if you chose **Allow for selected organizations**, to the right of an organization, select the dropdown menu to enable {% data variables.product.prodname_advanced_security %} for the organization.
+1. Optionally, if you chose **Allow for selected organizations**, to the right of an organization, select the dropdown menu to define which {% data variables.product.prodname_AS %} products are available to the organization.
 
-   ![Screenshot of the dropdown menu to choose a {% data variables.product.prodname_advanced_security %} policy for selected organizations in the enterprise. The dropdown is outlined.](/assets/images/help/enterprises/select-advanced-security-individual-organization-policy.png)
+{% ifversion ghas-products %}
+
+   ![Screenshot of the dropdown menu to choose a {% data variables.product.prodname_AS %} policy for selected organizations in the enterprise. The dropdown is outlined.](/assets/images/help/enterprises/select-advanced-security-individual-organization-policy.png)
+
+{% else %}
+
+   ![Screenshot of the dropdown menu to choose a {% data variables.product.prodname_AS %} policy for selected organizations in the enterprise. The dropdown is outlined.](/assets/images/help/enterprises/select-advanced-security-individual-organization-policy-ghes-316.png)
+
+{% endif %}

data/reusables/advanced-security/about-ghas-organization-policy.md

@@ -1 +1 @@
-1. Under "{% data variables.product.prodname_GH_advanced_security %} availability", select the dropdown menu, then click a policy for the organizations owned by your enterprise.
+1. Under "{% data variables.product.prodname_AS %} availability", select the dropdown menu, then click a policy for the organizations owned by your enterprise.