💼 [CodeBuild.2] CodeBuild project environment variables should not contain clear text credentials
- ID:
/frameworks/aws-fsbp-v1.0.0/codebuild/02
Description​
Authentication credentials AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY should
never be stored in clear text, as this could lead to unintended data exposure
and unauthorized access.
Similar​
- AWS Security Hub
- Internal
- ID:
dec-c-627d50c1
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 IA-5(7) Authenticator Management _ No Embedded Unencrypted Static Authenticators | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 SA-3 System Development Life Cycle | 3 | 4 | no data | ||
| 💼 PCI DSS v3.2.1 → 💼 8.2.1 Using strong cryptography, render all authentication credentials unreadable during transmission and storage on all system components. | 14 | no data | |||
| 💼 PCI DSS v4.0.1 → 💼 8.3.2 Strong cryptography is used to render all authentication factors unreadable during transmission and storage on all system components. | 14 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|