- You can control permissions on almost anything in Azure DevOps
- Some permissions are on Project level and some on Collection Level
- Some artifacts have permissions set directly e.g. Service Connections and Secure Files
- Permissions are automatically set based on the security group that you add users to and can be overridden on the specific level
- Access levels control access to product features �(Basic, VS Enterprise, or Stakeholder)
- Limit the number of Admins!
- Security and identity https://docs.microsoft.com/en-us/azure/devops/organizations/security/about-security-identity?view=azure-devops
- Security roles https://docs.microsoft.com/en-us/azure/devops/organizations/security/about-security-roles?view=azure-devops
- Permissions and groups https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions?view=azure-devops