Control: Organization default repository permissions should be limited

Description

Members of your organization should not have write or admin permissions by default in all repositories.

Usage

Run the control in your terminal:

powerpipe control run github_sherlock.control.org_default_repo_permissions_limited

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run github_sherlock.control.org_default_repo_permissions_limited --share

Steampipe Tables

github_my_organization

SQL

select
  url as resource,
  case
    when default_repo_permission is null then 'skip'
    when default_repo_permission in ('write', 'admin') then 'alarm'
    else 'ok'
  end as status,
  case
    when default_repo_permission is null then 'User do not have required permission to query ' || login || '.'
    else login || ' default repository permissions are ' || default_repo_permission || '.'
  end as reason,
  login
from
  github_my_organization

Control: Organization default repository permissions should be limited

Description

Usage

Steampipe Tables

SQL

Tags