feat: add aws-secret-key rule #1356
base: master
Fix gitleaks#1324 Change AWS regex to match only allowed characters
### Description:

I fixed a few issues (gitleaks#1049, gitleaks#1324, gitleaks#1337) and added a rule for AWS Secret Key.

I renamed the `AWS()` function name to `AWSAccessKey()`, and changed the `RuleID` too, which may lead to breaking changes ⚠️.

### Checklist:

* [x] Does your PR pass tests?
* [x] Have you written new tests for your changes?
* [x] Have you linted your code locally prior to submission?

Original: gitleaks#1356
RuleID: "aws-access-token", | ||
Regex: regexp.MustCompile( | ||
"(?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16}"), | ||
RuleID: "aws-access-key", |
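Review bot: the last line of this hunk renames the rule id from `aws-access-token` to `aws-access-key`, which changes an identifier that existing configurations refer to by name, so anything keyed on the old id would no longer match this rule. Keep `RuleID: "aws-access-token"` and put the naming correction in the rule's description text, or ship the rename together with a documented migration note.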
@baruchiro can we just leave this as `aws-access-token` so it doesn't break existing configs? We could add a little note in the description mentioning that this really should be called `aws-access-key`?
I don't have access to that branch anymore, sorry..
Here is my suggestion:
```go
Description: "Identified a pattern that may indicate AWS access key, risking unauthorized cloud resource access and data breaches on AWS platforms.",
RuleID: "aws-access-token",
```