kingfisher/crates/kingfisher-rules/data/rules/scalr.yml
2026-04-03 23:43:49 -07:00


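# Kingfisher detection rule for Scalr API access tokens.
# Nesting is restored here: the listing had every key at column 0, where
# `id:`, `pattern:` and the rest no longer belong to the rule entry.
rules:
  - name: Scalr API Access Token
    id: kingfisher.scalr.1
    # A Scalr-style variable name, at most 16 arbitrary characters, a
    # separator, then a three-part JWT captured as group 1.
    #   header  eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9 = {"alg":"HS256","typ":"JWT"}
    #   payload prefix eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQt = {"iss":"user","jti":"at-
    #   signature: 43 base64url characters (32 bytes, unpadded)
    # Case-insensitivity is scoped to the variable name only. Base64url is
    # case-sensitive, so the fixed header and payload prefix are matched
    # exactly; a pattern-wide `i` flag would accept case-mangled prefixes.
    # NOTE(review): the final class requires a quote or whitespace after the
    # token, so a token at end of input with no trailing newline, or one
    # followed by `,` or `;`, is not reported. Confirm that is intended.
    pattern: |
      (?x)
      \b
      (?i:SCALR_KEY|scalr[_-]?(?:key|token|api[_-]?key))
      (?:.|[\n\r]){0,16}?
      [=:"'\s]
      ['"]*
      (
        eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
        \.
        eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQt
        [A-Za-z0-9_-]{20,40}
        \.
        [A-Za-z0-9_-]{43}
      )
      ['"\s]
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: high
    # Keep these samples synthetic: a working token committed here would be a
    # leaked credential in its own right.
    examples:
      - "SCALR_KEY=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQtdzFwNWtvN2h2ODh0bGVzcDAifQ.VCPHD8dI5RAO4yexSrfk7mhrBu1KFnGU3Rm2zwApplF\""
      - "scalr_api_key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQteVo1cW81aHY5OTF1bWZzcTAifQ.WDRIE9eJ6SBP5zfyTugl8nihCu2LGoPV4Sn3AxBrqmN\n"
    references:
      - https://docs.scalr.com/docs/api-tokens
    # Live validation sends the candidate token as a Bearer credential to a
    # fixed HTTPS host. The URL is a constant, not built from matched text, so
    # scanned content cannot redirect the request.
    # NOTE(review): Scalr accounts are usually reached on a per-account
    # hostname. Confirm this shared endpoint accepts tokens from any account;
    # if it does not, live tokens would be reported as unvalidated.
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://scalr.io/api/iacp/v3/accounts
          headers:
            Authorization: "Bearer {{ TOKEN }}"
            # NOTE(review): confirm the accounts endpoint needs this header.
            Prefer: "respond-async"
          response_matcher:
            # The API response is attached to the finding; it may contain
            # account details, so treat scan output as sensitive.
            - report_response: true
            - type: StatusMatch
              status: [200]
            # Explicit rejection of auth failures; redundant if matchers are
            # ANDed with the 200 check above, but harmless.
            - type: StatusMatch
              status: [401, 403]
              negative: true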