Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add aws-secret-key rule #1356

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

Conversation

baruchiro
Copy link
Contributor

Description:

I fixes few issues (#1049, #1324, #1337) and added a rule for AWS Secret Key.

I renamed the AWS() function name to AWSAccessKey(), and changed the RuleID too, which may lead to breaking changes ⚠️.

Checklist:

  • Does your PR pass tests?
  • Have you written new tests for your changes?
  • Have you lint your code locally prior to submission?

baruchiro added a commit to Checkmarx/gitleaks that referenced this pull request Mar 28, 2024
### Description:
I fixes few issues (gitleaks#1049, gitleaks#1324, gitleaks#1337) and added a rule for AWS Secret
Key.

I renamed the `AWS()` function name to `AWSAccessKey()`, and changed the
`RuleID` too, which may lead to breaking changes ⚠️.

### Checklist:

* [x] Does your PR pass tests?
* [x] Have you written new tests for your changes?
* [x] Have you lint your code locally prior to submission?

Original: gitleaks#1356
RuleID: "aws-access-token",
Regex: regexp.MustCompile(
"(?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16}"),
RuleID: "aws-access-key",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@baruchiro can we just leave this as aws-access-token so it doesn't break existing configs? We could add a little note in the description mentioning that this really should be called aws-access-key?

Copy link
Contributor Author

@baruchiro baruchiro Jun 2, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't have access to that branch anymore, sorry..

Here is my suggestion:

Description: "Identified a pattern that may indicate AWS access key, risking unauthorized cloud resource access and data breaches on AWS platforms.",
RuleID:      "aws-access-token",

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants