AWS CodeBuild now further enhances securing your build environment. CodeBuild can now store sensitive information as secrets, which can now get directly passed to your build jobs. This can be achieved by modifying the parameter store directly in your buildspec.yml, or via the CodeBuild console. Learn more : http://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html