πΌ [CodeBuild.1] CodeBuild Bitbucket source repository URLs should not contain sensitive credentials
-
Contextual name: πΌ [CodeBuild.1] CodeBuild Bitbucket source repository URLs should not contain sensitive credentials
-
ID:
/frameworks/aws-fsbp-v1.0.0/codebuild/01 -
Located in: πΌ CodeBuild
Descriptionβ
Sign-in credentials shouldn't be stored or transmitted in clear text or appear in the source repository URL. Instead of personal access tokens or sign-in credentials, you should access your source provider in CodeBuild, and change your source repository URL to contain only the path to the Bitbucket repository location. Using personal access tokens or sign-in credentials could result in unintended data exposure or unauthorized access.
Similarβ
- AWS Security Hub
- Internal
- ID:
dec-c-cd4be6a9
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ SA-3 System Development Life Cycle | 3 | |||
| πΌ PCI DSS v3.2.1 β πΌ 8.2.1 Using strong cryptography, render all authentication credentials unreadable during transmission and storage on all system components. | ||||
| πΌ PCI DSS v4.0.1 β πΌ 8.3.2 Strong cryptography is used to render all authentication factors unreadable during transmission and storage on all system components. |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|