codebuild-project-envvar-awscred-check
Checks if the project contains environment variables Amazon_ACCESS_KEY_ID and Amazon_SECRET_ACCESS_KEY. The rule is NON_COMPLIANT when the project environment variables contains plaintext credentials.
Identifier: CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK
Resource Types: AWS::CodeBuild::Project
Trigger type: Configuration changes
Amazon Web Services Region: All supported Amazon regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region
Parameters:
- None
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.