Project Parameter Encryption Check
Rule Details
Parameter |
Description |
---|---|
Rule Name |
cloudbuildserver-encryption-parameter-check |
Identifier |
Project Parameter Encryption Check |
Description |
If encryption is not enabled for custom parameters in a CodeArts project, this project is non-compliant. |
Tag |
codeartsbuild |
Trigger Type |
Configuration change |
Filter Type |
codeartsbuild.CloudBuildServer |
Rule Parameters |
None |
Application Scenarios
You can set whether a parameter is private in the Parameters tab on the page for configuring the build task. If a parameter is private, the system encrypts the parameter for storage and only decrypts it for usage. Private parameters are not displayed in run logs. For details, see Configuring Parameters.
If a string-value parameter is not set to private, sensitive data (such as AK/SK and database passwords) may be disclosed.
Solution
Set parameters to private.
Rule Logic
- If all custom string-value parameters are set to private, the check result is compliant.
- If any custom string-value parameter is not private, the check result is non-compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot