aws

package
v3.88.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 6, 2025 License: AGPL-3.0 Imports: 9 Imported by: 1

Documentation

Index

Constants

View Source
const (
	RequiredIdEntropy     = 3.0
	RequiredSecretEntropy = 4.25
)

Variables

View Source
var FalsePositiveSecretPat = regexp.MustCompile(`[a-f0-9]{40}`)

Hashes, like those for git, do technically match the secret pattern. But they are extremely unlikely to be generated as an actual AWS secret. So when we find them, if they're not verified, we should ignore the result.

View Source
var ResourceTypes = map[string]string{
	"ABIA": "AWS STS service bearer token",
	"ACCA": "Context-specific credential",
	"AGPA": "User group",
	"AIDA": "IAM user",
	"AIPA": "Amazon EC2 instance profile",
	"AKIA": "Access key",
	"ANPA": "Managed policy",
	"ANVA": "Version in a managed policy",
	"APKA": "Public key",
	"AROA": "Role",
	"ASCA": "Certificate",
	"ASIA": "Temporary (AWS STS) access key IDs",
}

ResourceTypes derived from: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids

View Source
var SecretPat = regexp.MustCompile(`(?:[^A-Za-z0-9+/]|\A)([A-Za-z0-9+/]{40})(?:[^A-Za-z0-9+/]|\z)`)
View Source
var UrlEncodedReplacer = strings.NewReplacer(
	"%2B", "+",
	"%2b", "+",
	"%2F", "/",
	"%2f", "/",
	"%3d", "=",
	"%3D", "=",
)

UrlEncodedReplacer helps capture base64-encoded results that may be url-encoded. TODO: Add this as a decoder, or make it a more generic.

Functions

func CleanResults added in v3.84.0

func CleanResults(results []detectors.Result) []detectors.Result

func GetAccountNumFromID added in v3.84.0

func GetAccountNumFromID(id string) (string, error)

func GetHMAC added in v3.6.1

func GetHMAC(key []byte, data []byte) []byte

func GetHash added in v3.6.1

func GetHash(input string) string

Types

type Error added in v3.84.0

type Error struct {
	Code    string `json:"Code"`
	Message string `json:"Message"`
}

type ErrorResponseBody added in v3.84.0

type ErrorResponseBody struct {
	Error Error `json:"Error"`
}

type IdentityResponse added in v3.84.0

type IdentityResponse struct {
	GetCallerIdentityResponse struct {
		GetCallerIdentityResult struct {
			Account string `json:"Account"`
			Arn     string `json:"Arn"`
			UserID  string `json:"UserId"`
		} `json:"GetCallerIdentityResult"`
		ResponseMetadata struct {
			RequestID string `json:"RequestId"`
		} `json:"ResponseMetadata"`
	} `json:"GetCallerIdentityResponse"`
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL