Control: Enable device authorization
New devices can be manually reviewed and approved by an Admin before they can join the network. This can be used to ensure only trusted devices, such as workplace-managed laptops and phones, can access a network.
Run the control in your terminal:
steampipe check tailscale_compliance.control.security_best_practices_device_authorization_enabled
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share tailscale_compliance.control.security_best_practices_device_authorization_enabled
Plugins & Tables
selectid as resource,casewhen authorized then 'ok'else 'alarm'end as status,casewhen authorized then name || ' is authorized.'else name || ' is unauthorized.'end as reason,tailnet_namefromtailscale_device;