Open 0xdabbad00 opened 4 years ago
In order to prevent AWS employees from using the non-existent IAM privilege s3:HeadBucket, that string could be viewed as a secret, which maybe would cause an alert every time someone tries to use that in the AWS docs. For example, this doc just appeared: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic-cross-account.html
That privilege does not exist. AWS should stop mentioning it in their docs.
The text pattern could be added at https://github.com/awslabs/git-secrets/blob/8450ad79fdb31fb685cd38a1bb8a62b3788a9858/git-secrets#L238
This does not seem like an appropriate inclusion here, as that string doesn't actually represent a secret.
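Since the reply above notes the string is not a secret, one alternative is to check IAM policy documents for it directly. The sketch below is an added example, not part of the thread and not git-secrets code; the deny list holds only the `s3:HeadBucket` action the issue reports as non-existent, and the function names and sample policy are constructed for illustration.

```python
import json

# Deny list of action names reported as non-existent. Only s3:HeadBucket comes
# from the issue; stored lower-case because IAM action names are
# case-insensitive.
NONEXISTENT_ACTIONS = {"s3:headbucket"}


def _as_list(value):
    """Statement, Action and NotAction may each be a single value or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_nonexistent_actions(policy_text):
    """Return (statement_index, key, action) for every deny-listed action."""
    policy = json.loads(policy_text)
    findings = []
    for index, statement in enumerate(_as_list(policy.get("Statement"))):
        for key in ("Action", "NotAction"):
            for action in _as_list(statement.get(key)):
                if isinstance(action, str) and action.lower() in NONEXISTENT_ACTIONS:
                    findings.append((index, key, action))
    return findings


# Constructed sample policy (bucket name is a placeholder).
SAMPLE_POLICY = """
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["s3:ListBucket", "s3:HeadBucket"],
     "Resource": "arn:aws:s3:::example-bucket"},
    {"Effect": "Allow", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Deny", "NotAction": "S3:headbucket", "Resource": "*"}
  ]
}
"""

if __name__ == "__main__":
    for index, key, action in find_nonexistent_actions(SAMPLE_POLICY):
        print(f"Statement[{index}].{key}: {action} is not a real IAM action")
```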