To use driftctl, we need credentials to make authenticated requests to GitHub. Just like the terraform provider, we retrieve config from environment variables.
driftctl scan --to github+tf
Least privileged policy
Below you can find the minimal scope required for driftctl to be able to scan every GitHub supported resources.
# Required to enumerate private repos
# Required to list your organization teams
# and other organization related resources
Beware that if you don't set permission
repo for your token, you won't see any errors for repositories listing.
Thus, all private repositories will appear as deleted from remote.