codebuild-project-envvar-awscred-check

Checks if the project contains environment variables Amazon_ACCESS_KEY_ID and Amazon_SECRET_ACCESS_KEY. The rule is NON_COMPLIANT when the project environment variables contains plaintext credentials.

Identifier: CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK

Resource Types: AWS::CodeBuild::Project

Trigger type: Configuration changes

Amazon Web Services Region: All supported Amazon regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Europe (Spain), Europe (Zurich) Region

Parameters:

Amazon CloudFormation template

To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.