Overview

A config rule that checks whether the project contains environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. The rule is NON_COMPLIANT when the project environment variables contains plaintext credentials.

Configuration Templates

Items
1
Size
0.7 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: codebuild-project-envvar-awscred-check
      Description: >-
        A config rule that checks whether the project contains environment
        variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. The rule is
        NON_COMPLIANT when the project environment variables contains plaintext
        credentials.
      Scope:
        ComplianceResourceTypes:
          - 'AWS::CodeBuild::Project'
      Source:
        Owner: AWS
        SourceIdentifier: CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Cf Template

Rule Parameters

No rule paramters
 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation: