Powerpipe Detection Mods →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-github-compliance
Overview
2Dashboards
37Benchmarks
33Queries
2Variables
GitHub

Control: Organization members should have Multi-Factor Authentication (MFA) enabled

Description

Organization members should have Multi-Factor Authentication (MFA) enabled to enhance your organization's security.

Usage

Run the control in your terminal:

powerpipe control run github_compliance.control.organization_member_mfa_enabled

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run github_compliance.control.organization_member_mfa_enabled --share

SQL

This control uses a named query:

select
  -- Required Columns
  m.url as resource,
  case
    when m.has_two_factor_enabled is null then 'info'
    when m.has_two_factor_enabled then 'ok'
    else 'alarm'
  end as status,
  m.login || case
    when m.has_two_factor_enabled is null then ' MFA status unknown. Manual verification required.'
    when m.has_two_factor_enabled then ' MFA enabled.'
    else ' MFA not enabled.'
  end as reason,
  -- Additional Dimensions
  m.organization
from
  github_organization_member m
  join github_my_organization o on m.organization = o.login;

Tags

category = Compliance
other_checks = true
plugin = github
service = GitHub