secrets not detecting on custom terraform variable.

Yelp / detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.

Apache License 2.0

3.82k stars 474 forks source link

secrets not detecting on custom terraform variable. #654

Open netwrkspider opened 1 year ago

netwrkspider commented 1 year ago

Hello Team,

When I tried to scan the git repo the following information was not detected by the detect-secrets tool. The following terraform code details are given below.

variable "sys_password" { type = string default = "Hacker@pass#1234" } variable "sys_username" { type = string default = "root" }

Is there any plugin available to detect above custom plain text secret?

jpdakran commented 1 year ago

@netwrkspider Hi. Thank you for reporting this. What is the file type?

netwrkspider commented 1 year ago

@jpdakran It's terraform code with having .tf extension.