Critical CodeBuild Regional

CodeBuild Bitbucket source repository URLs should not contain sensitive credentials

PCI DSS, NIST, ISO 27001, HIPAA

Description

Checks whether the GitHub or Bitbucket source repository URL in AWS CodeBuild projects uses OAuth for authentication instead of personal access tokens or username and password.


Remediation

To ensure secure authentication, update your CodeBuild project to use OAuth for GitHub or Bitbucket repositories.

Steps

  1. Open the AWS CodeBuild console at https://console.aws.amazon.com/codebuild/.
  2. Choose the build project to update.
  3. From Edit, select Source.
  4. Choose Disconnect from GitHub / Bitbucket if currently connected.
  5. Select Connect using OAuth, then choose Connect to GitHub / Bitbucket.
  6. Authorize the connection when prompted.
  7. Reconfigure your repository URL and additional settings as needed.
  8. Choose Update source.
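
The check from the Description can be run against exported project definitions, for example to confirm the steps above took effect. This is an added example, not this rule's own implementation: it assumes input shaped like `aws codebuild batch-get-projects` output, and the project names, URLs and token strings are constructed.

```python
import json
from urllib.parse import urlsplit, urlunsplit

# Source types this rule covers (per the Description: GitHub or Bitbucket).
CHECKED_TYPES = {"GITHUB", "BITBUCKET"}

# Constructed sample shaped like `aws codebuild batch-get-projects` output.
SAMPLE = json.loads("""
{"projects": [
  {"name": "web-api",
   "source": {"type": "BITBUCKET",
              "location": "https://builduser:EXAMPLE-TOKEN@bitbucket.org/acme/web-api.git"}},
  {"name": "docs",
   "source": {"type": "GITHUB", "location": "https://github.com/acme/docs.git"},
   "secondarySources": [
     {"type": "GITHUB", "sourceIdentifier": "tools",
      "location": "https://EXAMPLE-TOKEN@github.com/acme/tools.git"}]},
  {"name": "artifacts",
   "source": {"type": "S3", "location": "acme-bucket/src.zip"}}
]}
""")

def redact(url):
    """Return url with any userinfo replaced, so findings never echo the secret."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if parts.port:
        host += f":{parts.port}"
    return urlunsplit((parts.scheme, "REDACTED@" + host, parts.path, parts.query, parts.fragment))

def find_embedded_credentials(projects):
    """Yield (project, source id, redacted URL) for each source URL carrying userinfo."""
    for project in projects:
        sources = [("primary", project.get("source", {}))]
        sources += [(s.get("sourceIdentifier", "secondary"), s)
                    for s in project.get("secondarySources", [])]
        for ident, src in sources:
            if src.get("type") not in CHECKED_TYPES:
                continue
            parts = urlsplit(src.get("location") or "")
            # Both user:pass@host and token@host populate `username`.
            if parts.username is not None or parts.password is not None:
                yield project["name"], ident, redact(src["location"])

if __name__ == "__main__":
    for name, ident, url in find_embedded_credentials(SAMPLE["projects"]):
        print(f"FAIL {name} [{ident}] {url}")
```

Secondary sources are included because a project whose primary source is clean can still carry a token in one of them.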

Compliance

PCI DSS, NIST, ISO 27001, HIPAA