org.sonar.plugins.secrets.configuration.mws.yaml Maven / Gradle / Ivy
provider:
metadata:
name: Amazon MWS
category: Marketplace
detection:
pre:
include:
content:
- amzn.mws
post:
patternNot:
- "(\\w)\\1{7,}"
- "(?i)(s|ex)ample"
rules:
- rspecKey: S6292
id: mws-auth-token
metadata:
name: Amazon MWS authentication tokens
message: Make sure this Amazon MWS token gets revoked, changed, and removed from the code.
detection:
matching:
pattern: "\\b(amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\\b"
examples:
- text: |
props.set("mws-key", "amzn.mws.aaaaaaaa-1111-5770-5bad-19bd40c0ac65")
containsSecret: false
match: amzn.mws.3b8be74a-5f63-5770-5bad-19bd40c0ac65
- text: |
// Noncompliant
props.set("mws-key", "amzn.mws.3b8be74a-5f63-5770-5bad-19bd40c0ac65")
containsSecret: true
match: amzn.mws.3b8be74a-5f63-5770-5bad-19bd40c0ac65
- text: |
// Compliant
props.set("mws-key", System.getenv("MWS_KEY"))
containsSecret: false
- text: |
export MWS_TOKEN=amzn.mws.4ea38b7b-f563-7709-4bae-12ba540c0ac5
containsSecret: true
match: amzn.mws.4ea38b7b-f563-7709-4bae-12ba540c0ac5
- text: |
export MWS_TOKEN=amz.mws.4ea38b7b-f563-7709-4bae-12ba540c0ac5",
// extra characters before
export MWS_TOKEN=blamzn.mws.4ea38b7b-f563-7709-4bae-12ba540c0ac5",
// extra characters after
export MWS_TOKEN=amzn.mws.4ea38b7b-f563-7709-4bae-12ba540c0ac52222222222222"
containsSecret: false
© 2015 - 2025 Weber Informatics LLC | Privacy Policy