Merge pull request #11676 from keynslug/fix/EMQX-11026/secret-access-key-sensitive

fix(ftconf): also mark `secret_access_key` key as sensitive
2023-09-25 17:52:25 +04:00 · 2023-09-25 17:52:25 +04:00 · 349a6d906b
parent cedd90e89f ddf6cdc0a2
commit 349a6d906b
2 changed files with 5 additions and 0 deletions
--- a/apps/emqx_utils/src/emqx_utils.erl
+++ b/apps/emqx_utils/src/emqx_utils.erl
@ -632,6 +632,9 @@ is_sensitive_key(<<"proxy-authorization">>) -> true;
 is_sensitive_key(secret) -> true;
 is_sensitive_key("secret") -> true;
 is_sensitive_key(<<"secret">>) -> true;
+is_sensitive_key(secret_access_key) -> true;
+is_sensitive_key("secret_access_key") -> true;
+is_sensitive_key(<<"secret_access_key">>) -> true;
 is_sensitive_key(secret_key) -> true;
 is_sensitive_key("secret_key") -> true;
 is_sensitive_key(<<"secret_key">>) -> true;
@ -779,6 +782,7 @@ redact_test_() ->
        'proxy-authorization',
        secret,
        secret_key,
+        secret_access_key,
        security_token,
        token,
        bind_password
--- a/changes/ce/fix-11676.en.md
+++ b/changes/ce/fix-11676.en.md
@ -0,0 +1 @@
+Hide few pieces of sensitive information from debug-level logs.
				`@ -0,0 +1 @@`
				`Hide few pieces of sensitive information from debug-level logs.`