Control: CodeBuild projects should not be unused for 90 days or greater
Description
Ensure CodeBuild projects are curently in use. It is recommended to remove the stale ones.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.codebuild_project_build_greater_then_90_daysSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.codebuild_project_build_greater_then_90_days --shareSQL
This control uses a named query:
with latest_codebuild_build as (  select    project_name,    region,    account_id,    min(date_part('day', now() - end_time)) as build_time  from    aws_codebuild_build  group by    project_name,    region,    account_id),codebuild_projects as (  select    arn,    name,    region,    account_id,    title,    tags,    _ctx  from    aws_codebuild_project  group by    name,    tags,    arn,    title,    region,    account_id,    _ctx)select  p.arn as resource,  case    when b.build_time is null then 'alarm'    when b.build_time < 90 then 'ok'    else 'alarm'  end as status,  case    when b.build_time is null then p.title || ' has no builds.'    else p.title || ' was build ' || build_time || ' day(s) before.'  end as reason    , p.region, p.account_idfrom  codebuild_projects as p  left join latest_codebuild_build as b on p.name = b.project_name and p.region = b.region and p.account_id = b.account_id;