Aiven API Key
Service Name: Aiven
Service Description: Aiven is a fully managed cloud database and messaging service provider offering PostgreSQL, MySQL, Elasticsearch, Cassandra, Kafka, Redis, InfluxDB, and other open-source data infrastructure as a service.
Service Address: [https://aiven.io/](https://aiven.io/)
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the service level through Aiven's VPC peering and private service connect features.
Secret Access Scope: Grants programmatic access to manage Aiven services, including creating, modifying, and deleting database instances, as well as accessing service metrics and logs.
Secret Revokement URL: [https://console.aiven.io/user/authentication](https://console.aiven.io/user/authentication)
Secret Example: avnadmin:a1v2n-01234567890abcdef01234567890abcdef
Suspicious Activity Investigation Instructions:
-
Review Aiven console audit logs for unusual service creation, modification, or deletion.
-
Check for unexpected changes to service configurations or user permissions.
-
Monitor for unusual API calls, especially those creating new services or modifying network settings.
-
Verify if there are any unexpected billing increases that might indicate unauthorized resource usage.
-
Review access logs for unusual IP addresses or access patterns.
Mitigation Instructions:
-
Log in to the Aiven console at [
https://console.aiven.io/](https://console.aiven.io/). -
Navigate to "User Settings" > "Authentication".
-
Locate the compromised API key in the list.
-
Click the "Delete" button next to the compromised key.
-
Create a new API key with appropriate permissions if needed.
-
Update all applications and services using the old key with the new one.
-
Consider implementing IP restrictions for API access if available.
-
Review and update access policies to follow the principle of least privilege.