Ensure private repository creation is limited to specific members

Description

This policy checks whether private repository creation is limited to specific members in a GitHub organization. It ensures that the 'members_can_create_private_repositories' setting is set to False, which helps prevent unauthorized users from creating private repositories. This is important because it reduces the risk of sensitive information being exposed or compromised. By limiting private repository creation, organizations can better control access to their codebase and sensitive data.

Code Example

In the GitHub organization settings, navigate to 'Member privileges' and uncheck the box next to 'Create private repositories'. Alternatively, you can use the GitHub API to update the organization settings with the following field:

    "members_can_create_private_repositories": false
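The following script is an added example, not part of this policy page or of Checkov itself. It evaluates the organization object returned by the GitHub REST API (GET /orgs/{org}) against this rule, builds the PATCH /orgs/{org} body that remediates it, and treats a missing field as an inconclusive result rather than a pass, because GitHub only returns the members_can_* fields to callers with organization admin rights. The sample responses and the organization name are constructed; the network helpers are real API calls that the offline part never invokes.

```python
"""Evaluate and remediate 'members_can_create_private_repositories'
(CKV_GITHUB_22 / IAC-1060) on a GitHub organization."""
import json
import urllib.request

SETTING = "members_can_create_private_repositories"
API = "https://api.github.com"


def evaluate_org_settings(settings):
    """Evaluate one organization object (shape of GET /orgs/{org}).

    Returns {"result": PASSED | FAILED | UNKNOWN, "reason": str}.
    UNKNOWN means the field was absent: the API omits the members_can_*
    fields for non-admin tokens, so absence is not evidence of compliance.
    """
    if SETTING not in settings:
        return {"result": "UNKNOWN",
                "reason": f"{SETTING} not in response (org admin token required)"}
    value = settings[SETTING]
    if value is False:
        return {"result": "PASSED", "reason": f"{SETTING} is false"}
    return {"result": "FAILED",
            "reason": f"{SETTING} is {value!r}; expected false"}


def remediation_payload():
    """Request body for PATCH /orgs/{org} that enforces the policy."""
    return {SETTING: False}


def _request(method, url, token, body=None):
    data = None if body is None else json.dumps(body).encode()
    return urllib.request.Request(
        url, data=data, method=method,
        headers={"Authorization": f"Bearer {token}",
                 "Accept": "application/vnd.github+json",
                 "Content-Type": "application/json"})


def check_org(org, token):
    """Fetch the live settings and evaluate them (network call)."""
    with urllib.request.urlopen(_request("GET", f"{API}/orgs/{org}", token)) as resp:
        return evaluate_org_settings(json.load(resp))


def remediate_org(org, token):
    """Apply the remediation and re-evaluate the returned object (network call)."""
    req = _request("PATCH", f"{API}/orgs/{org}", token, remediation_payload())
    with urllib.request.urlopen(req) as resp:
        return evaluate_org_settings(json.load(resp))


# Constructed sample responses for offline use (not a real organization).
SAMPLE_NONCOMPLIANT = {"login": "example-org", SETTING: True}
SAMPLE_COMPLIANT = {"login": "example-org", SETTING: False}
SAMPLE_NO_ADMIN = {"login": "example-org"}  # field omitted: non-admin token

if __name__ == "__main__":
    for name, sample in [("noncompliant", SAMPLE_NONCOMPLIANT),
                         ("compliant", SAMPLE_COMPLIANT),
                         ("no-admin", SAMPLE_NO_ADMIN)]:
        print(name, evaluate_org_settings(sample))
    print("remediation body:", json.dumps(remediation_payload()))
```

Run it as-is to see the three offline verdicts; call `check_org("<org>", "<token>")` with an admin-scoped token to evaluate a real organization, and `remediate_org` to apply the fix. A scanner that reports PASSED when the field is simply absent would silently miss every organization it lacks permission to read, which is why the inconclusive case is kept distinct.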

Remediation

Set 'members_can_create_private_repositories' to False in the GitHub organization settings.

Rule Details

Field          Value
ID             IAC-1060
Severity       MEDIUM
IaC Type       github_configuration
Frameworks     *
Checkov ID     CKV_GITHUB_22

References