We’ve made a series of improvements to the GitHub Connect license sync feature in addition to the "Sync now" button we recently added in GHES:
Enterprise administrators can now access a refreshed Consumed License CSV that includes additional data, such as the saml_name_id and the GitHub Enterprise Cloud email address (for verified domains only) for each user;
Enterprise administrators also have access to two new License REST API endpoints:
a. consumed-licenses: returns the same Consumed License data found in the CSV download
b. license-sync-status: returns information related to the license sync job status
We improved the license sync matching algorithm for enterprises that use SAML SSO. We now attempt to match Server user accounts against SAML attributes in addition to matching against users' GitHub Enterprise Cloud email addresses. This improvement eliminates the need for enterprise administrators to require users to add their work-related email addresses to their GitHub Enterprise Cloud account.
GitHub Enterprise Cloud customers can elect to participate in a public beta to configure audit log streaming to AWS S3 with OpenID Connect (OIDC). Audit log streaming configured with OIDC eliminates storage of long-lived cloud secrets on GitHub by using short-lived tokens exchanged via REST/JSON message flows for authentication.
The ability for GitHub Enterprise Cloud owners to display members’ IP addresses for all audit logs events for private repositories and other enterprise assets, such as issues and projects, is generally available.
These IP addresses can be used to improve threat analyses and further secure your software. Note, IP addresses will continue to not be displayed for activity related to public repositories.
GitHub Enterprise Cloud (GHEC) customers can now participate in a private beta enabling audit log streaming to a Datadog endpoint. Audit log streaming to Datadog not only allows enterprises to satisfy long-term data retention goals but also analyze GitHub audit log data using the tools offered by Datadog.
GHEC administrators interested in participating in the private beta should reach out to your GitHub account manager or contact our sales team to make the feature available for your enterprise. Once enabled, administrators can follow the instructions for setting up streaming to Datadog and provide feedback on their experience at the audit log streaming to Datadog community discussion.
GitHub Enterprise Cloud customers can elect to participate in a private beta to configure audit log streaming to AWS S3 with OpenID Connect (OIDC). Audit log streaming configured with OIDC eliminates storage of long-lived cloud secrets on GitHub by using short-lived tokens exchanged via REST/JSON message flows for authentication.
Via our new beta feature, enterprise owners can now revoke pending member invitations from the pending invitations page within the enterprise account: https://github.com/enterprises/<enterprise>/pending_members. This beta feature only applies to enterprise member invitations not invites for enterprise administrators and outside collaborators.
Enterprise administrators can now view a quick summary of the members associated with their enterprise on the enterprise account's member's page: https://github.com/enterprises/<enterprise>/people. This new summary section breaks down user counts across roles, licenses, and deployments applicable to your enterprise.