CodeBuild source credentials should be stored and transmitted securely
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
This control verifies if AWS CodeBuild source credentials include personal access tokens or basic authentication credentials (username and password). It is applicable only to credentials for GitHub or Bitbucket sources, as only these sources support insecure repository access methods.
Using personal access tokens or basic authentication may lead to unintended data exposure or unauthorized access. Secure methods to access source respositories include AWS CodeConnections, AWS Secrets Manager, or OAuth.
For guidance on updating CodeBuild source provider settings, refer to the Access your source provider in CodeBuild section of the AWS CodeBuild User Guide.
