CodeBuild project environment variables should not contain plain text credentials

codebuild
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This rule verifies whether the project has plain text environment variables that include the string AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY. Storing authentication credentials such as these in plain text poses a security risk, as it may result in unauthorized access and potential data exposure.

Remediation

For guidance on updating project environment variables, refer to the Change a build project’s settings in AWS CodeBuild section in the AWS CodeBuild User Guide.