Akeyless Access ID
Service Name: Akeyless
Service Description: Akeyless is a unified secrets management platform that provides secure access to secrets, certificates, and encryption keys across hybrid and multi-cloud environments.
Service Address: [https://www.akeyless.io/](https://www.akeyless.io/)
Akeyless Access ID
AKEYLESS_ACCESS_ID
-
Validation Type: API Auth NHI Enriched
-
IP Allow list: Does not exist
-
Secret Access Scope: Grants access to the Akeyless Vault Management Platform and its resources.
-
Secret Revokement URL: Does not exist
-
Secret Example:
p-abcd1234567am -
Suspicious Activity Investigation Instructions:
-
Check the Akeyless audit logs for unauthorized access or unusual activities
- Review access patterns and API calls made using the compromised credentials
- Verify if any secrets were accessed or modified during the suspicious timeframe
-
Check for any new access keys or permissions that may have been created
-
Mitigation Instructions:
-
Immediately rotate the compromised access ID and key pair
- Revoke the compromised access ID through the Akeyless management console
- Review and update access policies to enforce the Principle of Least Privilege
- Enable additional authentication factors if available
- Update any applications or services using the compromised credentials