← all rules
secret/aws-secret-key
AWS Secret Access Key
What it detects
AWS secret key paired with an access key ID. Full compromise if leaked.
How it runs
Run against every text file in the repo (with a binary-content filter and a `.repoguardignore` filter for fixtures). The matched value is masked before being persisted.
Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.