added resource type mapping to extraData in AWS

pkg/detectors/aws/aws.go

@@ -22,6 +22,22 @@ type scanner struct {
 	skipIDs            map[string]struct{}
 }
 
+// resourceTypes derived from: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids
+var resourceTypes = map[string]string{
+	"ABIA": "AWS STS service bearer token",
+	"ACCA": "Context-specific credential",
+	"AGPA": "User group",
+	"AIDA": "IAM user",
+	"AIPA": "Amazon EC2 instance profile",
+	"AKIA": "Access key",
+	"ANPA": "Managed policy",
+	"ANVA": "Version in a managed policy",
+	"APKA": "Public key",
+	"AROA": "Role",
+	"ASCA": "Certificate",
+	"ASIA": "Temporary (AWS STS) access key IDs",
+}
+
 func New(opts ...func(*scanner)) *scanner {
 	scanner := &scanner{
 		skipIDs: map[string]struct{}{},
@@ -115,12 +131,19 @@ func (s scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				Raw:          []byte(resIDMatch),
 				Redacted:     resIDMatch,
 				RawV2:        []byte(resIDMatch + resSecretMatch),
+				ExtraData: map[string]string{
+					"resource_type": resourceTypes[resIDMatch[0:4]],
+				},
 			}
 
 			if verify {
 				verified, extraData, verificationErr := s.verifyMatch(ctx, resIDMatch, resSecretMatch, true)
 				s1.Verified = verified
-				s1.ExtraData = extraData
+				//Append the extraData to the existing ExtraData map.
+				// This will overwrite with the new verified values.
+				for k, v := range extraData {
+					s1.ExtraData[k] = v
+				}
 				s1.VerificationError = verificationErr
 			}
 

pkg/detectors/aws/aws_test.go

@@ -61,9 +61,11 @@ func TestAWS_FromChunk(t *testing.T) {
 					Verified:     true,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
 					ExtraData: map[string]string{
-						"account": "171436882533",
-						"arn":     "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
-						"user_id": "AIDASP2TPHJSUFRSTTZX4",
+						"resource_type":  "Access key",
+						"rotation_guide": "https://howtorotate.com/docs/tutorials/aws/",
+						"account":        "171436882533",
+						"arn":            "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
+						"user_id":        "AIDASP2TPHJSUFRSTTZX4",
 					},
 				},
 			},
@@ -82,7 +84,7 @@ func TestAWS_FromChunk(t *testing.T) {
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     false,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
-					ExtraData:    nil,
+					ExtraData:    map[string]string{"resource_type": "Access key"},
 				},
 			},
 			wantErr: false,
@@ -111,15 +113,20 @@ func TestAWS_FromChunk(t *testing.T) {
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     false,
 					Redacted:     "AKIASP2TPHJSQH3FJXYZ",
+					ExtraData: map[string]string{
+						"resource_type": "Access key",
+					},
 				},
 				{
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     true,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
 					ExtraData: map[string]string{
-						"account": "171436882533",
-						"arn":     "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
-						"user_id": "AIDASP2TPHJSUFRSTTZX4",
+						"resource_type":  "Access key",
+						"rotation_guide": "https://howtorotate.com/docs/tutorials/aws/",
+						"account":        "171436882533",
+						"arn":            "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
+						"user_id":        "AIDASP2TPHJSUFRSTTZX4",
 					},
 				},
 			},
@@ -150,9 +157,11 @@ func TestAWS_FromChunk(t *testing.T) {
 					Verified:     true,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
 					ExtraData: map[string]string{
-						"account": "171436882533",
-						"arn":     "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
-						"user_id": "AIDASP2TPHJSUFRSTTZX4",
+						"resource_type":  "Access key",
+						"rotation_guide": "https://howtorotate.com/docs/tutorials/aws/",
+						"account":        "171436882533",
+						"arn":            "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
+						"user_id":        "AIDASP2TPHJSUFRSTTZX4",
 					},
 				},
 				{
@@ -176,6 +185,9 @@ func TestAWS_FromChunk(t *testing.T) {
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     false,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
+					ExtraData: map[string]string{
+						"resource_type": "Access key",
+					},
 				},
 			},
 			wantErr: false,
@@ -207,6 +219,9 @@ func TestAWS_FromChunk(t *testing.T) {
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     false,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
+					ExtraData: map[string]string{
+						"resource_type": "Access key",
+					},
 				},
 			},
 			wantErr:               false,
@@ -225,6 +240,9 @@ func TestAWS_FromChunk(t *testing.T) {
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     false,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
+					ExtraData: map[string]string{
+						"resource_type": "Access key",
+					},
 				},
 			},
 			wantErr:               false,
@@ -243,6 +261,9 @@ func TestAWS_FromChunk(t *testing.T) {
 					DetectorType: detectorspb.DetectorType_AWS,
 					Verified:     false,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
+					ExtraData: map[string]string{
+						"resource_type": "Access key",
+					},
 				},
 			},
 			wantErr:               false,
@@ -262,9 +283,11 @@ func TestAWS_FromChunk(t *testing.T) {
 					Verified:     true,
 					Redacted:     "AKIASP2TPHJSQH3FJRUX",
 					ExtraData: map[string]string{
-						"account": "171436882533",
-						"arn":     "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
-						"user_id": "AIDASP2TPHJSUFRSTTZX4",
+						"resource_type":  "Access key",
+						"rotation_guide": "https://howtorotate.com/docs/tutorials/aws/",
+						"account":        "171436882533",
+						"arn":            "arn:aws:iam::171436882533:user/canarytokens.com@@4dxkh0pdeop3bzu9zx5wob793",
+						"user_id":        "AIDASP2TPHJSUFRSTTZX4",
 					},
 				},
 			},