turbot/github_sherlock

Control: Organization default repository permissions should be limited

Description

Members of your organization should not have write or admin permissions by default in all repositories.

Usage

steampipe check github_sherlock.control.org_default_repo_permissions_limited

Plugins & Tables

SQL

select
html_url as resource,
case
when default_repo_permission in ('write', 'admin') then 'alarm'
else 'ok'
end as status,
name || ' default repository permissions are ' || default_repo_permission || '.' as reason,
login
from
github_my_organization