Policies allow you to manage and configure functionality across your Gitpod organization.

Manage a Policy

To update an Organizational policy:

  1. Ensure you have are a Member with the Role “Organization Owner”.
  2. Navigate to the Gitpod dashboard.
  3. Ensure you are in the context of the Organization you want to set the policy.
  4. Navigate to the settings page.
  5. Update the relevant policy.

Workspace Sharing

Workspace sharing is enabled by default. Through this policy, Organization Owners can prevent Members from sharing workspaces that have been started within an Organization.

  • Prevents workspaces within an Organization from sharing access to a running workspace.
  • Members can stop sharing a workspace at any time, regardless of the Organizational Policy.
  • Any currently shared workspaces will not have sharing access removed.

Restrict Workspace Classes

Restricting workspace classes can be useful for preventing unexpected costs, or removing unnecessary classes for an organization. Through this setting, an organization owner can restrict the available workspace classes within an installation. Members of the organization will no longer see the workspace class as an option in the various Gitpod interfaces. This setting takes precedence over other settings, such as project-level workspace class defaults.

Default Workspace Image

Setting a default image for your Organization (instead of relying on the default workspace-full image) is useful when you want to create a default workspace experience for your Organization members without adding a .gitpod.yml to every repository. The Organization workspace image setting is a default and can still be overwritten by updating the repository .gitpod.yml file.

The user must have the Organization Owner role to update the Organization default workspace image. All Organization members can view this setting only.

See Workspace Image for more.

Workspace Image Authentication

Authentication for the images is based on what the Gitpod installation can access. For Gitpod Cloud users, only public images are currently supported. For Gitpod Dedicated, the authentication is inherited from the installation. For instance, if you are using ECR private registry support that will work with the Organization setting.

Was this helpful?