@secretlint/secretlint-rule-aws

@secretlint/secretlint-rule-aws

A secretlint rule for AWS.

Install

Install with npm:

npm install @secretlint/secretlint-rule-aws

Usage

Via .secretlintrc.json

{
    "rules": [
        {
            "id": "@secretlint/secretlint-rule-aws"
        }
    ]
}

MessageIDs

AWSAccountID

found AWS Account ID: {{ID}}

git-secrets detect it as secret.

AWSSecretAccessKey

found AWS Secret Access Key: {{KEY}}

AWS's Access key is crendential data. It should be private.

• https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html

AWSAccessKeyID

found AWS Access Key ID: {{ID}}

git-secrets detect it as secret.

Options

• allows: string[]
  • Allows a list of RegExp-like String
• enableIDScanRule: boolean
  • Default: false
  • Enable ID scan rules
    • AWSAccountID
    • AWSAccessKeyID
  • These rules may be false-positive. You can enable it by setting true.

Examples

{
    "rules": [
        {
            "id": "@secretlint/secretlint-rule-aws",
            // Ignore error related to IDs
            "allowMessageIds": ["AWSAccountID", "AWSAccessKeyID"],
            "options": {
                // allow list
                "allows": ["/IT_IS_PUBLIC/"]
            }
        }
    ]
}

Changelog

See Releases page.

Running tests

Install devDependencies and Run npm test:

npm test

Contributing

Pull requests and stars are always welcome.

For bugs and feature requests, please create an issue.

1. Fork it!
2. Create your feature branch: git checkout -b my-new-feature
3. Commit your changes: git commit -am 'Add some feature'
4. Push to the branch: git push origin my-new-feature
5. Submit a pull request :D

Author

• github/azu
• twitter/azu_re

License

MIT © azu