Gitlab project defined in Terraform requires fewer than 2 approvals

Description

In GitLab, administrators can require that all merge requests receive a specific number of approving reviews before someone merges the pull request into a protected branch. It is also possible to require approving reviews from people with write permissions in the repository or from a designated code owner. If a collaborator attempts to merge a pull request with pending or rejected reviews into the protected branch, the collaborator will receive an error message.

Code Example

resource "gitlab_project" "example" {
...
+  approvals_before_merge = 2
...
}

Remediation

Terraform

Resource: gitlab_project
Attribute: approvals_before_merge

Rule Details

Field	Value
ID	IAC-1069
Severity	MEDIUM
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_GLB_1

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Gitlab project defined in Terraform requires fewer than 2 approvals

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Gitlab project defined in Terraform requires fewer than 2 approvals ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Gitlab project defined in Terraform requires fewer than 2 approvals

Description

Code Example

Remediation

Rule Details

References