turbot/tailscale_compliance

Control: Enable device authorization

Description

New devices can be manually reviewed and approved by an Admin before they can join the network. This can be used to ensure only trusted devices, such as workplace-managed laptops and phones, can access a network.

Usage

Run the control in your terminal:

steampipe check tailscale_compliance.control.security_best_practices_device_authorization_enabled

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share tailscale_compliance.control.security_best_practices_device_authorization_enabled

Plugins & Tables

SQL

select
  id as resource,
  case
    when authorized then 'ok'
    else 'alarm'
  end as status,
  case
    when authorized then name || ' is authorized.'
    else name || ' is unauthorized.'
  end as reason,
  tailnet_name
from
  tailscale_device;
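
The control reports one row per device. For triage, the following added example (not part of the tailscale_compliance mod) rolls the same `tailscale_device` columns up per tailnet and lists the devices still awaiting approval. It assumes `authorized` is a boolean that may be NULL; the control's `case` expression already sends a NULL to the 'alarm' branch, so the rollup counts it as pending too.

```sql
-- Added example: per-tailnet summary of device authorization state.
-- Uses only columns that appear in the control's query above.
select
  tailnet_name,
  count(*) as total_devices,
  -- Devices an admin has approved (authorized = true).
  count(*) filter (where authorized) as authorized_devices,
  -- "is not true" matches both false and NULL, mirroring the
  -- control's else branch, which raises 'alarm' for either.
  count(*) filter (where authorized is not true) as pending_devices,
  -- Names of the devices that still need review, for the approval queue.
  array_agg(name order by name)
    filter (where authorized is not true) as pending_device_names
from
  tailscale_device
group by
  tailnet_name
order by
  pending_devices desc,
  tailnet_name;
```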