CodeBuild Project Contains Clear Text Credentials

Overview

This check ensures that the project does not contain the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.

These credentials should never be stored in clear-text, as it could potentially lead to unintended data exposure and unauthorized access.

Vendor

AWS

Cloud Service

CodeBuild

Related Requirements

PCI DSS v3.2.1/8.2.1

Related Controls

CodeBuild.2

Severity

5

Item Types

AWS::CodeBuild::Project