Using credentials in environment variables with commonly identifiable names may make the resource vulnerable to unauthorized access. It is recommended to use a secret manager or a key management service to store credentials instead of environment variables.
In AWS Console -
In Terraform -
For more information on configuring a field-level encryption profile, see the AWS documentation.
References:
https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html