Skip to content

Resource visibility#

Pro and Enterprise customers can use resource visibility controls to set the default visibility of repositories, plugins, and policies and to specify when these defaults can be overridden.

Common use cases:

  • Ensure all schemas remain private by setting the instance-wide default to private and enabling strict mode
  • Allow individual organizations and teams to control resource visibility by setting instance-wide defaults without strict mode
  • Control plugin distribution, such as restricting them to only internal use by setting their default to private and enabling strict mode

Instance-wide defaults#

Instance administrators can configure instance-wide defaults:

  1. Sign in to the Buf Schema Registry.
  2. Navigate to Admin > Settings > Resource visibility, or go directly to https://buf.build/admin/resource-visibility.
  3. For each resource type, set the default visibility: Choose "Public" or "Private" from the dropdown menu.
    • Public: Resources are visible to all users who can access the instance
    • Private: Resources are only visible to members of the resource's organization
  4. Enable strict mode: Toggle the Strict setting to control whether organization owners and admins can override the default.
    • Enabled: Only instance administrators can change an individual resource's visibility.
    • Disabled: Organizations can freely change visibility for their own resources. The default only applies to newly-created resources, and organization-level defaults take precedence.
  5. Click Update to save your changes.

Organization-level defaults#

Organization owners and administrators can configure defaults for their resources when instance-level strict mode is disabled. Instance administrators can always modify these settings.

  1. Sign in to the Buf Schema Registry.
  2. Navigate to your organization's settings at https://buf.build/ORGANIZATION/settings/general.
  3. Scroll to the Resource visibility section.
  4. For each resource type, set the default visibility: Choose "Public" or "Private" from the dropdown menu.
    • Public: Resources are visible to all users who can access the instance
    • Private: Resources are only visible to organization members
  5. Enable strict mode: Toggle the Strict setting to control whether resource owners, such as a repository or plugin's creator, can override the default.
    • Enabled: Only instance and organization admins can change an individual resource's visibility.
    • Disabled: Resource owners can change their visibility. The default only applies to newly-created resources.
  6. Click Update to save your changes.