Add Secret validation

[yrachelevi]

As a user I would like to know if the secret found is valid or not so I would be able to prioritize and remediate accordingly.
Description:
Associate the following data with the secret found:

1. Verification Status - if the secret could be check as it won't always be possible
2. Secret validity result (if the secret has found to be valid)

Secrets to add validation to:

• AWS secrets
• Azure secrets
• Google Cloud Platform secrets

[baruchiro]

Some of the secrets (such as Github) are stand-alone tokens, but some of them can be used only by combination (of Access Token and Secret Token, such as on AWS Console).

I need to think about how to validate those.

[baruchiro]

• AWS secrets must first be supported on gitleaks, see feat: add aws-secret-key rule gitleaks/gitleaks#1356.
• Azure secrets development is stuck, there is an open PR (1079 gitleaks/gitleaks#1291) and an issue (Gitleaks misses quite a few Azure rules. gitleaks/gitleaks#539)
• Google Cloud Platform personal access token is an SSH token, and it is an open problem to assign it to GCP and not a generic SSH.

[baruchiro]

To validate gcp-api-key, I'm not sure what will be the complete process, but try this:

curl \
  'https://youtube.googleapis.com/youtube/v3/search?part=snippet&key=YOUR_GCP_KEY' \
  --header 'Accept: application/json' \
  --compressed

It may return a message like: YouTube Data API v3 has not been used in project 123456 before or it is disabled which means this key is related to a project.