cd6491db81
* SONARTEXT-418 Create rules S7209 to S7402 * SONARTEXT-418 Create rules S7209 to S7402 * SONARTEXT-418 Add PKCE to OAuth2 secrets * SONARTEXT-418 Fix validation
41 lines
3.1 KiB
Plaintext
41 lines
3.1 KiB
Plaintext
:example_env: KUBERNETES_CLUSTER_CREDENTIALS
|
|
:example_name: kubernetes_cluster_credentials
|
|
:example_secret: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVPtLS0tLQpNSUlFb2dJQkFBS0NBUUVBb0JjNm8wdEJ6QjJFSWV1bnJoTjU1aGlNRGhKZXFKcTFsZU91VEo0YnNHalZ5a0FSClBUK0ZkOVNHeWVGM0VlL01LVkFxRDhnNFd4c2hNNGt0dXZ1TWpTU3ord25zMkp0dk1rSVkrS09hYWRQRUlMelMKd3JqbG5wZFBuMy9Ca1NuNzVKdXNFYUtHQ0I3RzlKSTdyTit5ZHNmS09vSkExNWpPL0dlb3QvdFBqVjRkODJXQgptWW1aK1JrWVptbjdJMU84eHhoWmNUM0NPRDF5Wnc5L04wWFZ2UGJBc2NUMHlPdWRuSTFqRUN6dXB3Slp2UUxDCmIwQkdvUzFIbGlUMWcvWjRaMG5hbkt3K2FiR1dqam01Rm5mU2diUG5TczkyOTVjc0FuSkMvTEV2RUxPdDRFMUIKRUdrYmRlMG41cmcrOEpWOEM5YU9aQU5NRHZpTmIwTG5HaUNqelFJREFRQUJBb0lCQUFPOHh4ZXMyQnBsemdIawp1SU50M1Bpc05naldFUE9xdVBhSTNEYlpzaGZLT3NOLy8yY0lwcHNIa1NZQlo0QTVzdkI3K0o5cHN6Y2RTUWNrCityWlV6UkUyZkNVdU5DTlNiYVXsdXVTREhVVy9OZUwxeFkzYU56SWVvak05RGszUFJ4d3RMalV6TUNIY1poU3IKblUwSjQrYTEvMWlpVmRVeXNoSmVjU2ZxYkE4R3pBUlpLUjlYdDZlU01qQXZqdlp4QUtVMVFYWDlHL3JPNnRqUwpXNjJ5aTlkaG5vYjRBR3ovTlhmN29JZld0dW9SUTcxOFdmxm5kZWZYeVp6MnNwc3V4ZGttRUtrQW9qZ2NqbjI3CnRCeFBlUFcveWRqQ3IzTTA3WGVWVDAyaG5UQXptVnFtcUFhbG5rYkpqT0Z5dkQxNE5Cck9Lc2FoK21CUkZLTUEKSjErdUlZRUNnWUuBeTNCZGMrNTJ0SkhGQm8vL1BjU0FGOHhRQVZXTjFoakZ1Nk1BY2Q5WVF6NkhWNWdDYU1oQwpUWFZrNmt5TC9qcEdYS1E1MmVpbTBrOFUvYWc2VXVlV0Uzek45ZDJ3ci9oeDljUjFLUUxmMlpJUmNrN3ZTRUhnEct0ejFWVlhMRDZBTHlKeThGRHhMbFV0ZGRJb3R6YUNOM1d2UXhybTRYV2pCYi82UnBDQTlWLzBDZ1lFQXlYUEcKaldxdXEvYnFCMlphMGNpVUh5NnJIbGQrRVBKNXg0cWlRc0JaUnpZK085TmxuajJnaU5lcU9mRHVjeU5yQ2JBRwo2RkRSTkMrdG9TVVVpWWhtNmgyeXpuc3JOS0pQbHdqN2VGQ1JadFFSb0ErSHpWajBaTnRuQjBNRnhzcUsyeTdSClGnVVlXWmRaTmJSSFVyeTJ0VFk3RHM5UHlITncyU2p5ZERJd3ZCRUNnWUFOczYyM3B6SDdpMjNYdVU4Vm0raCsKVDZaNzBJVlREQ3dWTFM5VWZCUjN3dmhlbi9CWm1sTk00RUZCdnBJWE4xbVIxOFhGdFhPMjZuaWhkUGtvcUV4bApWNXlQbUxUVHhVbjNvWm02ZjJVUVJGUkVmS2lGRjFyR3lYY0VubGlrM3NTc2FGSUtrdDBNV3gwYVFrdy9jemJhCjJPNGcxRlZraFMreUdWVTUxcW9MQ1FLQmdDOHdwN3BJMjFIOUxTVStuTmUzbkxzUk81U0gra2dPQk9qeFdNRTYKUGErb3pUdEdjZTkza0R0K0NhbzQvaUtLa1hCYmc4SzM2OG5Gd1c2V09SRmVtbjBOSisybWZLQi94UlVrVFlRSgptNFh5OTQzL0ZWak5GYkxxa2wvcEcxbE42T2tmTm5rRCtBaEVvK2tvcWc4cTljSE5TbGhWeCtLMDZDSjJyUlQ3CkROK0JBb0dB63h1R3g5OHc0MENESWlHWmhDWGY0ZTRxTllWdVhTcm9YTDVpeWFkTDZka3BLSE9UUk5VSlBmSVYKZ1FDMy9rN0xYZkFjbTNqTktSS1huw2cveWxTd2N6RjFGYkZKb1hjNW9ackc5TE8yQXNSdGcxanByN1ZprlZNYwo0LzB5cEFSTmJqRzA4Y0I5bzBrbVBjUVExUHd4Q05EeXVONVRQYzRKejN3OHR5SnhTN289Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg
|
|
:secret_type: secret
|
|
|
|
include::../../../shared_content/secrets/description.adoc[]
|
|
|
|
== Why is this an issue?
|
|
|
|
include::../../../shared_content/secrets/rationale.adoc[]
|
|
|
|
=== What is the potential impact?
|
|
|
|
include::../../../shared_content/secrets/impact/generic_impact.adoc[]
|
|
|
|
== How to fix it
|
|
|
|
// 1. Revoke leaked secrets
|
|
|
|
include::../../../shared_content/secrets/fix/revoke.adoc[]
|
|
|
|
// 2. Analyze recent use to identify misuse
|
|
|
|
include::../../../shared_content/secrets/fix/recent_use.adoc[]
|
|
|
|
// 3. Use a secret vault in the future
|
|
|
|
include::../../../shared_content/secrets/fix/vault.adoc[]
|
|
|
|
// 4. Never hard-code secrets
|
|
|
|
include::../../../shared_content/secrets/fix/default.adoc[]
|
|
|
|
=== Code examples
|
|
|
|
include::../../../shared_content/secrets/examples.adoc[]
|
|
|
|
== Resources
|
|
|
|
include::../../../shared_content/secrets/resources/standards.adoc[]
|