Merge requests should require at least 2 approvals
Description
This policy checks if merge requests in Bitbucket require at least 2 approvals, which is an important security practice to ensure that code changes are thoroughly reviewed before being merged into the main codebase. Requiring multiple approvals helps prevent malicious or vulnerable code from being introduced into the codebase. By enforcing this rule, organizations can reduce the risk of security breaches and maintain the integrity of their code. This check is particularly relevant in supply chain security, where a single vulnerable component can have far-reaching consequences.
Code Example
bitbucket
values:
- kind: require_approvals_to_merge
  value: 2
Remediation
Ensure that the merge request configuration requires at least 2 approvals.
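The check described above, written out as an added example (not Checkov's implementation and not code from this page): it reads a configuration in the `values` / `kind` / `value` shape shown in the code example and fails when the rule is absent, unset, or below 2. Requiring every matching entry to meet the threshold, the function name, and the sample configurations are assumptions of this example.

```python
import json

RULE_KIND = "require_approvals_to_merge"
MIN_APPROVALS = 2

# Constructed sample configurations (not real repository data), in the
# "values" list-of-restrictions shape shown in the code example above.
COMPLIANT = json.loads("""{"values": [
    {"kind": "require_approvals_to_merge", "value": 2}]}""")
WEAK = json.loads("""{"values": [
    {"kind": "require_approvals_to_merge", "value": 1}]}""")
MIXED = json.loads("""{"values": [
    {"kind": "require_approvals_to_merge", "value": 3},
    {"kind": "require_approvals_to_merge", "value": 1}]}""")
UNSET = json.loads("""{"values": [
    {"kind": "require_approvals_to_merge", "value": null}]}""")
MISSING = json.loads('{"values": []}')


def approval_findings(config):
    """Return a list of failure messages; an empty list means the check passes."""
    values = config.get("values") if isinstance(config, dict) else None
    if not isinstance(values, list):
        return ["configuration has no 'values' list"]
    rules = [r for r in values
             if isinstance(r, dict) and r.get("kind") == RULE_KIND]
    if not rules:
        return [f"no {RULE_KIND} restriction is defined"]
    findings = []
    for rule in rules:
        count = rule.get("value")
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(count, bool) or not isinstance(count, int):
            findings.append(f"{RULE_KIND} has non-integer value {count!r}")
        elif count < MIN_APPROVALS:
            findings.append(f"{RULE_KIND} requires only {count} approval(s)")
    return findings


if __name__ == "__main__":
    samples = {"compliant": COMPLIANT, "weak": WEAK, "mixed": MIXED,
               "unset": UNSET, "missing": MISSING}
    for name, cfg in samples.items():
        problems = approval_findings(cfg)
        print(name, "PASSED" if not problems else f"FAILED: {problems}")
```

The `MIXED` case fails because one entry asks for a single approval even though another asks for three, which is the situation a pass-on-first-match check would miss.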
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0820 |
| Severity | MEDIUM |
| IaC Type | bitbucket_configuration |
| Frameworks | * |
| Checkov ID | CKV_BITBUCKET_1 |