Ensure that CodeBuild projects are encrypted

Error: CodeBuild projects are not encrypted

Bridgecrew Policy ID: BC_AWS_GENERAL_78
Checkov Check ID: CKV_AWS_147
Severity: MEDIUM

Description

Encrypting your CodeBuild projects helps protect your data from unauthorized access or tampering, so that only authorized users can access and modify the contents of your projects. This helps protect against external threats such as hackers or malware, as well as internal threats such as accidental or unauthorized access.

Fix - Buildtime

Terraform

  • Resource: aws_codebuild_project
  • Argument: encryption_key
resource "aws_codebuild_project" "example" {
  ...
+ encryption_key = "AWS_Key_Management_Service_example"
}
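
A fuller version of the fix, as an added example that is not part of the original policy page: a customer managed KMS key is created, passed to the project through encryption_key, and the project's service role is granted use of that key. The role variable, bucket name, repository URL, image tag and resource names are placeholders chosen for illustration.

```hcl
# Added example; every name below is a placeholder, not a value from the policy page.
variable "codebuild_role_name" {
  type = string # name of an existing CodeBuild service role (assumption)
}

data "aws_iam_role" "codebuild" {
  name = var.codebuild_role_name
}

resource "aws_kms_key" "codebuild" {
  description         = "CodeBuild build output artifacts"
  enable_key_rotation = true
}

# The service role must be allowed to use the key so builds can encrypt artifacts.
data "aws_iam_policy_document" "use_key" {
  statement {
    actions   = ["kms:Encrypt", "kms:Decrypt", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:DescribeKey"]
    resources = [aws_kms_key.codebuild.arn]
  }
}

resource "aws_iam_role_policy" "use_key" {
  name   = "codebuild-use-artifact-key"
  role   = data.aws_iam_role.codebuild.name
  policy = data.aws_iam_policy_document.use_key.json
}

resource "aws_codebuild_project" "example" {
  name           = "example-project"
  service_role   = data.aws_iam_role.codebuild.arn
  encryption_key = aws_kms_key.codebuild.arn # the argument this policy checks

  artifacts {
    type     = "S3"
    location = "example-artifact-bucket" # placeholder bucket
  }

  environment {
    compute_type = "BUILD_GENERAL1_SMALL"
    image        = "aws/codebuild/standard:7.0"
    type         = "LINUX_CONTAINER"
  }

  source {
    type     = "GITHUB"
    location = "https://github.com/example/example.git"
  }
}
```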