Added AWS credentials pre-commit hook

.git-hooks/README.md

@@ -0,0 +1,11 @@
+### Git Hooks
+
+Please set up your local pre-commit git hook as below
+
+```shell
+git config --local core.hooksPath .git-hooks
+```
+
+Enabled hooks:
+
+- AWS credentials protection from accidental commit

.git-hooks/pre-commit

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+if git rev-parse --verify HEAD >/dev/null 2>&1
+then
+    against=HEAD
+else
+    # Initial commit: diff against an empty tree object
+    EMPTY_TREE=$(git hash-object -t tree /dev/null)
+    against=$EMPTY_TREE
+fi
+
+# Redirect output to stderr.
+exec 1>&2
+
+# Check changed files for an AWS keys
+FILES=$(git diff --cached --name-only $against)
+echo $FILES
+
+local aws="(AWS|aws|Aws)?_?" quote="(\"|')" connect="\s*(:|=>|=)\s*"
+local opt_quote="${quote}?"
+
+if [ -n "$FILES" ]; then
+    KEY_ID=$(grep -E --line-number '(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}' $FILES)
+    KEY=$(grep -E --line-number "${opt_quote}${aws}(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)${opt_quote}${connect}${opt_quote}[A-Za-z0-9/\+=]{40}${opt_quote}" $FILES)
+
+    echo $KEY_ID
+    echo $KEY
+
+    if [ -n "$KEY_ID" ] || [ -n "$KEY" ]; then
+        exec < /dev/tty # Capture input
+        echo "=========== Possible AWS Access Key IDs ==========="
+        echo "${KEY_ID}"
+        echo ""
+
+        echo "=========== Possible AWS Secret Access Keys ==========="
+        echo "${KEY}"
+        echo ""
+
+        while true; do
+            read -p "[AWS Key Check] Possible AWS keys found. Commit files anyway? (y/N) " yn
+            if [ "$yn" = "" ]; then
+                yn='N'
+            fi
+            case $yn in
+                [Yy] ) exit 0;;
+                [Nn] ) exit 1;;
+                * ) echo "Please answer y or n for yes or no.";;
+            esac
+        done
+        exec <&- # Release input
+    fi
+fi
+
+# Normal exit
+exit 0