codebuild-project-environment-privileged-check
Checks if an AWS CodeBuild project environment has privileged mode enabled. The rule is NON_COMPLIANT for a CodeBuild project if ‘privilegedMode’ is set to ‘true’.
Identifier: CODEBUILD_PROJECT_ENVIRONMENT_PRIVILEGED_CHECK
Resource Types: AWS::CodeBuild::Project
Trigger type: Configuration changes
AWS Region: All supported AWS regions except US ISO West, Asia Pacific (Jakarta), US ISO East, Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Malaysia), US ISOB East, Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region
Parameters:
- exemptedProjects (Optional)
- Type: CSV
- Comma-separated list of CodeBuild project names that are allowed to have ‘privilegedMode’ with value ‘true’.
AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
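A minimal template that deploys this rule, added here as an example and not AWS's published template. The stack parameter name, the condition name, the resource's logical ID and the ConfigRuleName are assumptions; the source identifier, resource type and the exemptedProjects rule parameter are the ones listed above.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Deploys the codebuild-project-environment-privileged-check managed rule.

Parameters:
  ExemptedProjects:
    Type: String
    Default: ""
    # Constructed example value: "docker-image-builder,base-ami-bake"
    Description: >-
      Comma-separated CodeBuild project names allowed to run with
      privilegedMode set to true. Leave empty to exempt none.

Conditions:
  # Only pass the rule parameter when an exemption list was supplied.
  HasExemptions: !Not [!Equals [!Ref ExemptedProjects, ""]]

Resources:
  CodeBuildPrivilegedModeRule:
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: codebuild-privileged-mode-check   # assumed name
      Description: >-
        NON_COMPLIANT when a CodeBuild project environment has
        privilegedMode set to true and the project is not exempted.
      Scope:
        ComplianceResourceTypes:
          - AWS::CodeBuild::Project
      Source:
        Owner: AWS
        SourceIdentifier: CODEBUILD_PROJECT_ENVIRONMENT_PRIVILEGED_CHECK
      InputParameters:
        exemptedProjects: !If
          - HasExemptions
          - !Ref ExemptedProjects
          - !Ref "AWS::NoValue"
```

The stack assumes AWS Config recording is already enabled in the target account and Region and that AWS::CodeBuild::Project is among the recorded resource types.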