Update AWS Secret Detection Pattern
As reported in #285486 (comment 609476284)
Problem
The rule for AWS Access Keys should be like it is in GitLeaks:
[[rules]]
description = "AWS"
id = "aws-access-token"
regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
keywords = [
"akia","agpa","aida","aroa","aipa","anpa","anva","asia",
]
What I see in your repo is:
[[rules]]
id = "AWS"
description = "AWS Access Token"
regex = '''AKIA[0-9A-Z]{16}'''
tags = ["aws", "revocation_type"]
keywords = [
"akia",
]
Impact
With the outdated rule(s), the feature is pretty useless for us, as we are not even able to work around it with custom rules in the Premium edition (#285486 (closed)).
Solution
Update AWS detection logic
- detection rules
- revocation API trigger
Edited by Connor Gilbert
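The coverage difference between the two rules quoted above, as an added example (not code from the issue or from either project). The key strings are constructed placeholders, and the `detect` helper assumes `keywords` act as a case-insensitive substring prefilter that must hit before the regex runs, as in Gitleaks.

```python
import re

# (keywords, regex) pairs copied from the two rules quoted in the issue.
GITLEAKS_RULE = (
    ["akia", "agpa", "aida", "aroa", "aipa", "anpa", "anva", "asia"],
    re.compile(r"(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"),
)
CURRENT_RULE = (["akia"], re.compile(r"AKIA[0-9A-Z]{16}"))

# Constructed, non-functional identifiers: one per prefix in the broader regex.
BODY = "EXAMPLE0EXAMPLE0"  # 16 characters from [A-Z0-9]
PREFIXES = ["A3TX", "AKIA", "AGPA", "AIDA", "AROA", "AIPA", "ANPA", "ANVA", "ASIA"]
SAMPLES = [(p, f'aws_access_key_id = "{p}{BODY}"') for p in PREFIXES]


def detect(rule, line):
    """Return the matched identifier, or None.

    Assumption: a rule with keywords is skipped unless at least one keyword
    occurs in the lowercased line (keyword prefilter, then regex).
    """
    keywords, regex = rule
    lowered = line.lower()
    if keywords and not any(k in lowered for k in keywords):
        return None
    match = regex.search(line)
    return match.group(0) if match else None


def detected_prefixes(rule):
    """Prefixes from SAMPLES that the rule reports."""
    return [p for p, line in SAMPLES if detect(rule, line)]


def regex_only_prefixes(rule):
    """Prefixes the regex alone would match, ignoring the keyword prefilter."""
    return [p for p, line in SAMPLES if rule[1].search(line)]


if __name__ == "__main__":
    print("current rule :", detected_prefixes(CURRENT_RULE))
    print("gitleaks rule:", detected_prefixes(GITLEAKS_RULE))
    # Under the prefilter assumption, the A3T branch of the regex is only
    # reached when another keyword appears on the same line.
    print("regex only   :", regex_only_prefixes(GITLEAKS_RULE))
```

Under that assumption the quoted GitLeaks rule reports eight of the nine sample prefixes: its regex includes an `A3T[A-Z0-9]` branch, but its keyword list has no entry that appears in such an identifier.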