Control: Organization default repository permissions should be limited
Description
Members of your organization should not have write or admin permissions by default in all repositories.
Usage
Run the control in your terminal:
powerpipe control run github_sherlock.control.org_default_repo_permissions_limited
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run github_sherlock.control.org_default_repo_permissions_limited --share
Steampipe Tables
SQL
select url as resource, case when default_repo_permission is null then 'skip' when default_repo_permission in ('write', 'admin') then 'alarm' else 'ok' end as status,case when default_repo_permission is null then 'User do not have required permission to query ' || login || '.' else login || ' default repository permissions are ' || default_repo_permission || '.'end as reason, loginfrom github_my_organization