Ensure GitHub organization security settings has IP allow list enabled

Error: GitHub organization security settings does not have IP allow list enabled
Bridgecrew Policy ID: BC_ORG_GITHUB_3
Checkov Check ID: CKV_GITHUB_3
Severity: LOW

GitHub organization security settings does not have IP allow list enabled

Description

In GitHub Enterprise Cloud and GitHub AE, you can restrict access to organization assets by configuring an allow list for specific IP addresses. For example, it is possible to allow access from only the IP address of a trusted CIDR. The allow list for IP addresses will block access via the web, API, and Git from any IP addresses that are not on the allow list.

To enforce the IP allow list, you must first add IP addresses to the list, then enable the IP allow list. You must add your current IP address, or a matching range, before you enable the IP allow list.


Did this page help you?