CodeBuild source credentials should be stored and transmitted securely

codebuild
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This control verifies if AWS CodeBuild source credentials include personal access tokens or basic authentication credentials (username and password). It is applicable only to credentials for GitHub or Bitbucket sources, as only these sources support insecure repository access methods.

Using personal access tokens or basic authentication may lead to unintended data exposure or unauthorized access. Secure methods to access source respositories include AWS CodeConnections, AWS Secrets Manager, or OAuth.

Remediation

For guidance on updating CodeBuild source provider settings, refer to the Access your source provider in CodeBuild section of the AWS CodeBuild User Guide.

PREVIEWING: brett.blue/embedded-collector-release