Ensure public repository creation is limited to specific members
Description
This policy checks whether public repository creation in a GitHub organization is limited to specific members. Any member who can create a public repository can, with one push, publish source code, configuration or accidentally committed credentials under the organization's name, so restricting that privilege reduces the risk of data exposure and keeps the organization in control of what it publishes. The rule checks that the organization's 'members_can_create_public_repositories' setting is false. With that value, ordinary members can no longer create public repositories; only organization owners can, so every new public repository passes through someone with owner-level responsibility. Note that the setting only governs creation: an existing repository can still be switched from private to public by anyone with admin permission on that repository, which this rule does not cover.
Code Example
In the GitHub organization settings, open 'Member privileges' and, under 'Repository creation', ensure 'Public' is disabled so that members cannot create public repositories. To verify without the UI, call GET /orgs/{org} with a token belonging to an organization owner and confirm the response contains "members_can_create_public_repositories": false (the field is omitted for tokens without organization admin access, so a missing field is not a pass).
Remediation
Restrict public repository creation by setting 'members_can_create_public_repositories' to false in the organization settings ('Member privileges' > 'Repository creation', or PATCH /orgs/{org} with a token that has the admin:org scope). Members who need to publish a repository then request it from an organization owner, which keeps every public release under review.
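As an added example (not part of this rule's or Checkov's own code), the following Python script evaluates the setting the way the rule does, against the JSON shape returned by GET /orgs/{org}, and builds the PATCH body used for remediation. The two sample organization payloads and the name 'example-org' are constructed for the demonstration; the live fetch and remediate functions talk to api.github.com and are only invoked when the GITHUB_TOKEN and GITHUB_ORG environment variables are set.

```python
"""Check and remediate 'members_can_create_public_repositories' on a GitHub organization.

Added example, not part of the Checkov / Prisma Cloud rule implementation.
The SAMPLE_ORG_* dicts are constructed to mirror the shape of GET /orgs/{org}.
"""
import json
import os
import urllib.request

GITHUB_API = "https://api.github.com"
CHECK_ID = "CKV_GITHUB_21"

# Constructed sample payloads (not taken from a real organization).
SAMPLE_ORG_WEAK = {
    "login": "example-org",
    "members_can_create_repositories": True,
    "members_can_create_public_repositories": True,   # the weak setting
    "members_can_create_private_repositories": True,
    "members_can_create_internal_repositories": True,
}
SAMPLE_ORG_HARDENED = {**SAMPLE_ORG_WEAK, "members_can_create_public_repositories": False}


def check_public_repo_creation(org: dict) -> dict:
    """Evaluate the organization object the way the rule does.

    PASSED only when the field is explicitly False. A missing field is FAILED:
    the API omits these fields for tokens without owner-level access, and a
    control that cannot be verified must not be reported as satisfied.
    """
    value = org.get("members_can_create_public_repositories")
    return {
        "check_id": CHECK_ID,
        "org": org.get("login"),
        "value": value,
        "result": "PASSED" if value is False else "FAILED",
    }


def remediation_payload() -> dict:
    """Body for PATCH /orgs/{org}. Only the offending field is sent so the
    private/internal creation privileges are left exactly as they were."""
    return {"members_can_create_public_repositories": False}


def _headers(token: str) -> dict:
    return {
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json",
        "X-GitHub-Api-Version": "2022-11-28",
    }


def fetch_org(org: str, token: str) -> dict:
    """Live read of the organization object (token must belong to an org owner)."""
    req = urllib.request.Request(f"{GITHUB_API}/orgs/{org}", headers=_headers(token))
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)


def remediate_org(org: str, token: str) -> int:
    """Apply the remediation via PATCH /orgs/{org} (needs admin:org); returns HTTP status."""
    body = json.dumps(remediation_payload()).encode()
    headers = {**_headers(token), "Content-Type": "application/json"}
    req = urllib.request.Request(f"{GITHUB_API}/orgs/{org}", data=body,
                                 headers=headers, method="PATCH")
    with urllib.request.urlopen(req, timeout=15) as resp:
        return resp.status


if __name__ == "__main__":
    # Offline demonstration against the constructed payloads.
    for sample in (SAMPLE_ORG_WEAK, SAMPLE_ORG_HARDENED):
        print(json.dumps(check_public_repo_creation(sample)))

    # Live mode only when credentials are provided; fix the setting if the check fails.
    token, org = os.environ.get("GITHUB_TOKEN"), os.environ.get("GITHUB_ORG")
    if token and org:
        finding = check_public_repo_creation(fetch_org(org, token))
        print(json.dumps(finding))
        if finding["result"] == "FAILED" and os.environ.get("REMEDIATE") == "1":
            print("PATCH status:", remediate_org(org, token))
```

Run it with no environment variables to see the weak and hardened samples evaluated; set GITHUB_TOKEN and GITHUB_ORG to check a real organization, and additionally REMEDIATE=1 to apply the fix. Treating an absent field as a failure is deliberate: it surfaces scans run with an under-privileged token instead of silently passing them.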
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1059 |
| Severity | MEDIUM |
| IaC Type | github_configuration |
| Frameworks | * |
| Checkov ID | CKV_GITHUB_21 |