| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- package rules
- import (
- "github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
- "regexp"
- "github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
- "github.com/zricethezav/gitleaks/v8/config"
- )
- // TODO this one could probably use some work
- func GCPServiceAccount() *config.Rule {
- // define rule
- r := config.Rule{
- Description: "Google (GCP) Service-account",
- RuleID: "gcp-service-account",
- Regex: regexp.MustCompile(`\"type\": \"service_account\"`),
- Keywords: []string{`\"type\": \"service_account\"`},
- }
- // validate
- tps := []string{
- `"type": "service_account"`,
- }
- return utils.Validate(r, tps, nil)
- }
- func GCPAPIKey() *config.Rule {
- // define rule
- r := config.Rule{
- RuleID: "gcp-api-key",
- Description: "Uncovered a GCP API key, which could lead to unauthorized access to Google Cloud services and data breaches.",
- Regex: utils.GenerateUniqueTokenRegex(`AIza[0-9A-Za-z\\-_]{35}`, true),
- Keywords: []string{
- "AIza",
- },
- }
- // validate
- tps := []string{
- utils.GenerateSampleSecret("gcp", secrets.NewSecret(`AIza[0-9A-Za-z\\-_]{35}`)),
- }
- return utils.Validate(r, tps, nil)
- }
|
