Why must we supply a github_personal_access_token when building the AMI?

[JonathanAquino-NextRoll]

In the instructions for building the AMI (Building aggregation service artifacts), part of the instructions is to put a github_personal_access_token in codebuild.auto.tfvars.

Can you provide more information on this token?

1. What scopes are required? All of them?
2. Why do we need to supply a GitHub Personal Access Token? Is it to read something from GtHub?
3. I feel uncomfortable putting this sensitive token in AWS where anyone in my company can access it.

[JonathanAquino-NextRoll]

Answering my own questions.

1. None. It says to set it to a github_personal_access_token_without_permissions
2. It is used for PACKER_GITHUB_API_TOKEN
3. The token doesn't have any scopes so not a problem.