codebuild-project-envvar-awscred-check

Checks if the project contains environment variables Amazon_ACCESS_KEY_ID and Amazon_SECRET_ACCESS_KEY. The rule is NON_COMPLIANT when the project environment variables contains plaintext credentials.

Identifier: CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK

Resource Types: AWS::CodeBuild::Project

Trigger type: Configuration changes

Amazon Web Services Region: All supported Amazon regions except Asia Pacific (Thailand), Asia Pacific (Jakarta), Asia Pacific (Malaysia), Mexico (Central), Canada West (Calgary) Region

Parameters:

Amazon CloudFormation template

To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.