chore(docs): improve allowlist suggestion (#2466)

2026-02-10 06:45:08 +00:00 · 2023-06-09 13:07:28 +02:00
parent cc31872a7f
commit 9cda78e561
3 changed files with 3 additions and 3 deletions
--- a/docs/tutorials/allowlist.md
+++ b/docs/tutorials/allowlist.md
@@ -45,7 +45,7 @@ You can use `-w`/`--allowlist-file` with the path of your allowlist yaml file, b
              Resources:
                - "ci-logs"           # Will ignore bucket "ci-logs" AND ALSO bucket "ci-logs-replica" in specified check and regions
                - "logs"              # Will ignore EVERY BUCKET containing the string "logs" in specified check and regions
-                - "[[:alnum:]]+-logs" # Will ignore all buckets containing the terms ci-logs, qa-logs, etc. in specified check and regions
+                - ".+-logs"           # Will ignore all buckets containing the terms ci-logs, qa-logs, etc. in specified check and regions
            "*":
              Regions:
                - "*"
--- a/prowler/config/allowlist.yaml
+++ b/prowler/config/allowlist.yaml
@@ -36,7 +36,7 @@ Allowlist:
          Resources:
            - "ci-logs"           # Will ignore bucket "ci-logs" AND ALSO bucket "ci-logs-replica" in specified check and regions
            - "logs"              # Will ignore EVERY BUCKET containing the string "logs" in specified check and regions
-            - "[[:alnum:]]+-logs" # Will ignore all buckets containing the terms ci-logs, qa-logs, etc. in specified check and regions
+            - ".+-logs"           # Will ignore all buckets containing the terms ci-logs, qa-logs, etc. in specified check and regions
        "*":
          Regions:
            - "*"
--- a/tests/providers/aws/lib/allowlist/fixtures/allowlist.yaml
+++ b/tests/providers/aws/lib/allowlist/fixtures/allowlist.yaml
@@ -26,7 +26,7 @@ Allowlist:
          Resources:
            - "ci-logs"           # Will ignore bucket "ci-logs" AND ALSO bucket "ci-logs-replica" in specified check and regions
            - "logs"              # Will ignore EVERY BUCKET containing the string "logs" in specified check and regions
-            - "[[:alnum:]]+-logs" # Will ignore all buckets containing the terms ci-logs, qa-logs, etc. in specified check and regions
+            - ".+-logs"           # Will ignore all buckets containing the terms ci-logs, qa-logs, etc. in specified check and regions

 # EXAMPLE: CONTROL TOWER (to migrate)
 # When using Control Tower, guardrails prevent access to certain protected resources. The allowlist