Skip to content

Aiven API Key

Service Name: Aiven

Service Description: Aiven is a fully managed cloud database and messaging service provider offering PostgreSQL, MySQL, Elasticsearch, Cassandra, Kafka, Redis, InfluxDB, and other open-source data infrastructure as a service.

Service Address: [https://aiven.io/](https://aiven.io/)

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the service level through Aiven's VPC peering and private service connect features.

Secret Access Scope: Grants programmatic access to manage Aiven services, including creating, modifying, and deleting database instances, as well as accessing service metrics and logs.

Secret Revokement URL: [https://console.aiven.io/user/authentication](https://console.aiven.io/user/authentication)

Secret Example: avnadmin:a1v2n-01234567890abcdef01234567890abcdef

Suspicious Activity Investigation Instructions:

  • Review Aiven console audit logs for unusual service creation, modification, or deletion.

  • Check for unexpected changes to service configurations or user permissions.

  • Monitor for unusual API calls, especially those creating new services or modifying network settings.

  • Verify if there are any unexpected billing increases that might indicate unauthorized resource usage.

  • Review access logs for unusual IP addresses or access patterns.

Mitigation Instructions:

  • Log in to the Aiven console at [https://console.aiven.io/](https://console.aiven.io/).

  • Navigate to "User Settings" > "Authentication".

  • Locate the compromised API key in the list.

  • Click the "Delete" button next to the compromised key.

  • Create a new API key with appropriate permissions if needed.

  • Update all applications and services using the old key with the new one.

  • Consider implementing IP restrictions for API access if available.

  • Review and update access policies to follow the principle of least privilege.