Ensure GitHub organization security settings has IP allow list enabled

Error: GitHub organization security settings does not have IP allow list enabled
Bridgecrew Policy ID: BC_ORG_GITHUB_3
Checkov Check ID: CKV_GITHUB_3
Severity: LOW

Description

In GitHub Enterprise Cloud and GitHub AE, you can restrict access to organization assets by configuring an allow list of specific IP addresses. For example, you can allow access only from the addresses in a trusted CIDR range. The IP allow list blocks access via the web, API, and Git from any IP address that is not on the list.

Fix - Buildtime

GitHub

  1. Go to your organization page on GitHub
  2. Click on Settings and then Security
  3. In the IP allowlist section, click on Enable IP allowlist
  4. Add the IP addresses and ranges that you want to allow access to your organization's resources
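
To confirm the result after following these steps, the organization's allow-list state can be read from GitHub's GraphQL API and evaluated offline. The following is an added example, not Checkov's or Bridgecrew's own code: the response is constructed sample data using documentation address ranges, and the checks for an empty list and for a `/0` entry are extra heuristics that go beyond this policy.

```python
import ipaddress

# GraphQL query returning the fields evaluated below (sent with an org-admin token).
QUERY = """
query($org: String!) {
  organization(login: $org) {
    ipAllowListEnabledSetting
    ipAllowListEntries(first: 100) { nodes { name allowListValue isActive } }
  }
}
"""

# Constructed sample response; entry names and addresses are illustrative only.
SAMPLE = {"data": {"organization": {
    "ipAllowListEnabledSetting": "ENABLED",
    "ipAllowListEntries": {"nodes": [
        {"name": "office", "allowListValue": "203.0.113.0/24", "isActive": True},
        {"name": "old-vpn", "allowListValue": "198.51.100.7", "isActive": False},
        {"name": "temp", "allowListValue": "0.0.0.0/0", "isActive": True},
    ]},
}}}


def audit_allow_list(response):
    """Return (passed, findings) for one organization's allow-list state."""
    org = response["data"]["organization"]
    findings = []
    if org["ipAllowListEnabledSetting"] != "ENABLED":
        findings.append("IP allow list is not enabled")
    active = [e for e in org["ipAllowListEntries"]["nodes"] if e["isActive"]]
    if not active:
        findings.append("no active allow-list entries")
    for entry in active:
        net = ipaddress.ip_network(entry["allowListValue"], strict=False)
        if net.prefixlen == 0:  # a /0 entry admits every address of that family
            findings.append(f"entry '{entry['name']}' allows every address ({net})")
    return (not findings, findings)


def is_admitted(response, source_ip):
    """Simplified model: True if source_ip matches an active entry."""
    org = response["data"]["organization"]
    if org["ipAllowListEnabledSetting"] != "ENABLED":
        return True  # list not enforced, so no address is blocked
    addr = ipaddress.ip_address(source_ip)
    return any(
        e["isActive"] and addr in ipaddress.ip_network(e["allowListValue"], strict=False)
        for e in org["ipAllowListEntries"]["nodes"]
    )
```

With the sample data, `audit_allow_list(SAMPLE)` fails because the active `temp` entry admits every IPv4 address, which leaves the list enabled but ineffective.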