We are building Docker images in CodeBuild. This works fine, but we have a "HIGH" Security Hub finding because we had to enable privileged mode:
CodeBuild.5 CodeBuild project environments should not have privileged mode enabled
I'm currently looking for a way to build Docker images without using privileged mode. I saw this URL from AWS where they are also using privileged mode.
How can I build Docker images without using this mode so we are compliant with the Security Hub rules?
If we refer to the AWS guide https://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html,
since you're building a Docker image, CodeBuild would require privilegedMode=true.
@ekeyse has shared the CDK doc saying that privileged mode is required; otherwise it will fail.
I personally think that Security Hub is informing you that there is a CodeBuild project running in privileged mode; you may ignore it if that is intended.
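
An added example (not from this thread or from AWS): a triage of CodeBuild.5 findings that reads `aws codebuild batch-get-projects` output and separates privileged projects whose inline buildspec runs Docker from those where no Docker use is visible. The sample JSON, the verdict labels and the inline-buildspec heuristic are assumptions made for illustration.

```python
import json
import re

# Constructed sample, trimmed to the fields used, in the shape returned by
# `aws codebuild batch-get-projects --names <project> ...`.
SAMPLE = json.dumps({"projects": [
    {"name": "image-build",
     "source": {"buildspec": "version: 0.2\nphases:\n  build:\n    commands:\n"
                             "      - docker build -t app .\n"},
     "environment": {"privilegedMode": True}},
    {"name": "unit-tests",
     "source": {"buildspec": "version: 0.2\nphases:\n  build:\n    commands:\n"
                             "      - npm test\n"},
     "environment": {"privilegedMode": True}},
    {"name": "release",
     "source": {"buildspec": "ci/buildspec.yml"},  # path: file lives in the repo
     "environment": {"privilegedMode": True}},
    {"name": "lint",
     "source": {},
     "environment": {"privilegedMode": False}},
]})

# A docker/dockerd invocation at the start of a command or after a separator.
DOCKER_CMD = re.compile(r"(?:^|[\s;&|(])dockerd?\s+\S", re.MULTILINE)


def triage_privileged(batch_get_projects_json):
    """Map each privileged project name to a verdict (labels are this example's own)."""
    verdicts = {}
    for project in json.loads(batch_get_projects_json).get("projects", []):
        if not project.get("environment", {}).get("privilegedMode", False):
            continue  # CodeBuild.5 does not apply to this project
        spec = project.get("source", {}).get("buildspec") or ""
        inline = "\n" in spec or spec.lstrip().startswith("version:")  # heuristic
        if not inline:
            verdicts[project["name"]] = "buildspec-in-repo"   # review the file by hand
        elif DOCKER_CMD.search(spec):
            verdicts[project["name"]] = "docker-build"        # privileged mode is in use
        else:
            verdicts[project["name"]] = "no-docker-seen"      # candidate to turn it off
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage_privileged(SAMPLE).items():
        print(f"{name}: {verdict}")
```

Projects reported as `no-docker-seen` are the ones where privileged mode can likely be switched off, which clears the finding without suppressing it.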