codebuild-project-environment-privileged-check - AWS Config

codebuild-project-environment-privileged-check

Checks if an AWS CodeBuild project environment has privileged mode enabled. The rule is NON_COMPLIANT for a CodeBuild project if ‘privilegedMode’ is set to ‘true’.

Identifier: CODEBUILD_PROJECT_ENVIRONMENT_PRIVILEGED_CHECK

Trigger type: Configuration changes

AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Osaka), AWS GovCloud (US-East), AWS GovCloud (US-West), China (Ningxia) Region

Parameters:

exemptedProjects (Optional)
Type: CSV

Comma-separated list of CodeBuild project names that are allowed to have ‘privilegedMode’ with value ‘true’.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.