AWS : add detection of unique ID prefixes

[yilas]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Some AWS unique ID prefixes are not detected by the application.

Problem to be Addressed

The chapter Understanding unique ID prefixes gives a list of unique ID prefixes.

I suggest to add the following prefixes :

• AGPA
• AIDA
• ANPA
• ANVA
• AROA
• ASCA

[dustin-decker]

These resource prefixes are not for credential types. I don't think there is anything we can or should do with them.

[yilas]

These resource prefixes are not for credential types. I don't think there is anything we can or should do with them.

Hello 👋🏻 The general idea is to avoid spreading this kind of information. To be honest, I don't have a « use case » in mind where I can show that this or that ID could be badly exploited. In parallel with this tool, I also look at how other tools like gitleaks work. This tool generates an alarm for the IDs listed in this issue. That's one of the reasons I suggested this addition.

[dustin-decker]

I've previously removed these prefixes in this commit because they weren't credentials so we are not going to accept this change. Thank you. https://github.com/trufflesecurity/trufflehog/commit/b0547399843a772aff7338a731699fe62d4f6ca4