Merge pull request #276 from stacklok/add-regex-for-aws-secret-key

ptelang · web-flow · commit 7d0c2314cccd · 2024-12-11T11:52:13.000Z
Add regex for detecting AWS secret access key
diff --git a/signatures.yaml b/signatures.yaml
@@ -1,6 +1,7 @@
 ---
 - Amazon:
   - Access Key: (?:A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA|ABIA|ACCA)[A-Z0-9]{16}
+  - Secret Access Key: (?<![A-Za-z0-9\/+])[A-Za-z0-9\/+=]{40}(?![A-Za-z0-9\/+=])
   # - Cognito User Pool ID: (?i)us-[a-z]{2,}-[a-z]{4,}-\d{1,}
   - RDS Password: (?i)(rds\-master\-password|db\-password)
   - SNS Confirmation URL: (?i)https:\/\/sns\.[a-z0-9-]+\.amazonaws\.com\/?Action=ConfirmSubscription&Token=[a-zA-Z0-9-=_]+
