Add variables permission and make change on GHEC only (#56457)

yacaovsnc · web-flow · commit 670aa99adb36 · 2025-07-02T21:00:34.000Z
diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
@@ -99,8 +99,20 @@ Some of the features listed below are limited to organizations using {% data var
 | {% ifversion fpt or ghec %} |
 | Create, edit, run, re-run, and cancel [GitHub Actions workflows](/actions) | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | {% endif %} |
+| {% ifversion ghec %} |
 | Create, update, and delete [GitHub Actions secrets](/actions/security-guides/using-secrets-in-github-actions) on GitHub.com | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% endif %} |
+| {% ifversion fpt or ghes %} |
+| Create, update, and delete [GitHub Actions secrets](/actions/security-guides/using-secrets-in-github-actions) on GitHub.com | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% endif %} |
 | Create, update, and delete [GitHub Actions secrets](/rest/actions/secrets) using the REST API | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% ifversion ghec %} |
+| Create, update, and delete [GitHub Actions variables](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables) on GitHub.com | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% endif %} |
+| {% ifversion fpt or ghes %} |
+| Create, update, and delete [GitHub Actions variables](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables) on GitHub.com | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% endif %} |
+| Create, update, and delete [GitHub Actions variables](/rest/actions/variables) using the REST API | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | Create and edit releases | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | View draft releases | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | Edit a repository's description | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
diff --git a/data/reusables/actions/permissions-statement-secrets-variables-repository.md b/data/reusables/actions/permissions-statement-secrets-variables-repository.md
@@ -1 +1 @@
-To create secrets or variables on {% data variables.product.prodname_dotcom %} for a personal account repository, you must be the repository owner. To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have `admin` access. Lastly, to create secrets or variables for a personal account repository or an organization repository through the REST API, you must have collaborator access.
+To create secrets or variables on {% data variables.product.prodname_dotcom %} for a personal account repository, you must be the repository owner. To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have {% ifversion ghec %} `write` {% endif %}{% ifversion fpt or ghes %} `admin` {% endif %} access. Lastly, to create secrets or variables for a personal account repository or an organization repository through the REST API, you must have collaborator access.

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		-To create secrets or variables on {% data variables.product.prodname_dotcom %} for a personal account repository, you must be the repository owner. To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have `admin` access. Lastly, to create secrets or variables for a personal account repository or an organization repository through the REST API, you must have collaborator access.
	`1`	+To create secrets or variables on {% data variables.product.prodname_dotcom %} for a personal account repository, you must be the repository owner. To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have {% ifversion ghec %} `write` {% endif %}{% ifversion fpt or ghes %} `admin` {% endif %} access. Lastly, to create secrets or variables for a personal account repository or an organization repository through the REST API, you must have collaborator access.