Control: CodeBuild projects should not use an user controlled buildspec
Description
This control checks if buildspec.yml is used from a trusted source which user cant interfere with.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.codebuild_project_with_user_controlled_buildspecSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.codebuild_project_with_user_controlled_buildspec --shareSQL
This control uses a named query:
codebuild_project_with_user_controlled_buildspec