Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. Verify if this is intentional. Likelihood: HIGH Confidence: MEDIUM CWE: - CWE-306: Missing Authentication for Critical Function
OWASP: - A07:2021 - Identification and Authentication Failures
awscdk-codebuild-project-public
CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. Ensure this is acceptable for the project. Likelihood: MEDIUM Confidence: MEDIUM CWE: - CWE-306: Missing Authentication for Critical Function
OWASP: - A07:2021 - Identification and Authentication Failures