Add the docs for secrets masking + set default masks for AWS#381
Conversation
| - # see: https://regex101.com/r/44Ldz7/1 | ||
| # looks for `AWS_ACCESS_KEY_ID={string}` | ||
| search: (AWS_ACCESS_KEY_ID=)(\S+) | ||
| replace: \1******* |
There was a problem hiding this comment.
Tested the regex rules for AWS locally.
But it's also interesting that you can have unit tests and examples for the regex rule at https://regex101.com/r/snz1j6/1
There was a problem hiding this comment.
I would move that URL to the top of the regex comments, or to the bottom, so that every regex keeps the same style of #comment / replace
There was a problem hiding this comment.
Sorry, the PR was auto-merged.
Though the URL was specific to the AWS_ACCESS_KEY_ID rule block as an example, moving it more to the top of the secrets section would be less relevant.
arm4b
changed the title
LeoDiazL
left a comment
LeoDiazL
left a comment
There was a problem hiding this comment.
Just to be consistent, I would use
# comment
replace
# comment
replace
We could add a bigger headder on top of the replacements with the URL and some info if needed. Or at the bottom.
| - # see: https://regex101.com/r/44Ldz7/1 | ||
| # looks for `AWS_ACCESS_KEY_ID={string}` | ||
| search: (AWS_ACCESS_KEY_ID=)(\S+) | ||
| replace: \1******* |
There was a problem hiding this comment.
I would move that URL to the top of the regex comments, or to the bottom, so that every regex keeps the same style of #comment / replace
arm4b
changed the title
2 participants
Closes #374
Also adds AWS secret ENVs to the default config, so it's secure by default.