feat(aws): add entropy & allowlist (#1582)

config/gitleaks.toml

@@ -147,12 +147,19 @@ keywords = [
 id = "aws-access-token"
 description = "Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms."
 regex = '''(?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16}'''
+entropy = 3
 keywords = [
+    "a3t",
     "akia",
     "asia",
     "abia",
     "acca",
 ]
+# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead.
+[rules.allowlist]
+regexes = [
+    '''.+EXAMPLE$''',
+]
 
 [[rules]]
 id = "azure-ad-client-secret"

detect/reader_test.go

@@ -9,7 +9,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-const secret = "AKIAIRYLJVKMPEXAMPLE"
+const secret = "AKIAIRYLJVKMPEGZMPJS"
 
 type mockReader struct {
 	data []byte