fix: aws-secret-key with keywords

Checkmarx · Mar 31, 2024 · 2da0c95 · 2da0c95
1 parent aea43c0
commit 2da0c95
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/cmd/generate/config/rules/aws.go b/cmd/generate/config/rules/aws.go
@@ -45,6 +45,7 @@ func AWSSecretKey() *config.Rule {
 		Description: "Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms.",
 		RuleID:      "aws-secret-key",
 		Regex:       generateUniqueTokenRegex("[0-9A-Z+\\/]{40}", true),
+		Keywords:    []string{"aws_secret_access_key", "aws_secret", "AwsSecret"},
 	}
 
 	// validate
@@ -54,6 +55,7 @@ func AWSSecretKey() *config.Rule {
 	fps := []string{
 		credFileAccessKey,
 		credFileSessionToken,
+		"  - 4f1d13e1bbebef31175ffe9a8d752609b9edc174",
 	}
 	return validate(r, tps, fps)
 }
diff --git a/config/gitleaks.toml b/config/gitleaks.toml
@@ -135,6 +135,9 @@ keywords = [
 id = "aws-secret-key"
 description = "Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms."
 regex = '''(?i)\b([0-9A-Z+\/]{40})(?:['\"\\\n\r\s\x60;<]|$)'''
+keywords = [
+    "aws_secret_access_key","aws_secret","awssecret",
+]
 
 [[rules]]
 id = "beamer-api-token"