feat(aws): add check to ensure Codebuild Github projects only use allowed Github orgs (#7595)

Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Andoni Alonso
2025-06-17 18:17:18 +02:00
committed by GitHub
parent 3986bf3f42
commit dfd5c9aee7
9 changed files with 749 additions and 4 deletions

@@ -31,6 +31,7 @@ The following list includes all the AWS checks with configurable variables that
| `cloudtrail_threat_detection_privilege_escalation` | `threat_detection_privilege_escalation_minutes` | Integer |
| `cloudwatch_log_group_no_secrets_in_logs` | `secrets_ignore_patterns` | List of Strings |
| `cloudwatch_log_group_retention_policy_specific_days_enabled` | `log_group_retention_days` | Integer |
| `codebuild_github_allowed_organizations` | `github_allowed_organizations` | List of Strings |
| `codebuild_project_no_secrets_in_variables` | `excluded_sensitive_environment_variables` | List of Strings |
| `codebuild_project_no_secrets_in_variables` | `secrets_ignore_patterns` | List of Strings |
| `config_recorder_all_regions_enabled` | `mute_non_default_regions` | Boolean |
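
Review bot: The added `codebuild_github_allowed_organizations` row documents `github_allowed_organizations` only as a List of Strings, which leaves the behaviour of an empty or unset list undefined for the reader: it is not clear whether the check then passes every project or fails every project. Please state the default value and the empty-list result wherever this variable is described. Since GitHub organization names are case-insensitive, it is also worth saying whether entries are compared case-insensitively, so that an allowlist entry written in a different case than the project's source URL does not produce a false finding.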