Ensure any change to code receives approval of two strongly authenticated users
Description
This policy checks if a GitHub repository requires at least two approvals for any changes to the code. Requiring multiple approvals ensures that changes are thoroughly reviewed, reducing the risk of introducing vulnerabilities or errors. This is particularly important in collaborative environments where multiple developers contribute to the same codebase. By enforcing a minimum number of approvals, organizations can maintain the integrity and security of their code.
Code Example
github
required_pull_request_reviews {
  required_approving_review_count = 2
}
Remediation
Update the GitHub repository settings to require at least two approvals for pull requests.
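One way to verify the setting after remediation, as an added example (not Checkov's or this page's own code): it evaluates branch-protection documents for the two-approval threshold, including the cases where no review rule exists at all. The input is constructed sample data assumed to follow the shape of GitHub's branch-protection REST response, and `evaluate_protection`, `scan` and the branch names are hypothetical.

```python
import json

MIN_APPROVALS = 2  # threshold stated by this rule

# Constructed sample data, assumed to match GitHub's branch-protection
# REST response shape; these are not real repositories or branches.
SAMPLE_PROTECTIONS = json.loads("""
{
  "compliant":      {"required_pull_request_reviews": {"required_approving_review_count": 2}},
  "one_approval":   {"required_pull_request_reviews": {"required_approving_review_count": 1}},
  "no_review_rule": {"enforce_admins": {"enabled": true}},
  "unprotected":    null,
  "bad_type":       {"required_pull_request_reviews": {"required_approving_review_count": "2"}}
}
""")


def evaluate_protection(protection):
    """Return (passed, reason) for one branch-protection document."""
    if not isinstance(protection, dict):
        return False, "branch has no protection rule"
    reviews = protection.get("required_pull_request_reviews")
    if not isinstance(reviews, dict):
        return False, "pull request reviews are not required"
    count = reviews.get("required_approving_review_count")
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(count, bool) or not isinstance(count, int):
        return False, "required_approving_review_count is missing or not an integer"
    if count < MIN_APPROVALS:
        return False, f"only {count} approval(s) required, need {MIN_APPROVALS}"
    return True, f"{count} approvals required"


def scan(protections):
    """Evaluate every named branch and return {name: (passed, reason)}."""
    return {name: evaluate_protection(doc) for name, doc in protections.items()}


if __name__ == "__main__":
    for name, (passed, reason) in scan(SAMPLE_PROTECTIONS).items():
        print(f"{'PASS' if passed else 'FAIL'}  {name}: {reason}")
```

A missing `required_pull_request_reviews` block fails the check just as a count of 1 does, so a branch with other protections enabled but no review requirement is still reported.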
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1057 |
| Severity | MEDIUM |
| IaC Type | github_configuration |
| Frameworks | * |
| Checkov ID | CKV_GITHUB_19 |