API Gateway Key
Service Name: API Gateway
Service Description: API Gateway is a service that enables developers to create, publish, maintain, monitor, and secure APIs at any scale. It acts as a "front door" for applications to access data, business logic, or functionality from backend services.
Service Address: This varies by cloud provider (AWS, Azure, Google Cloud, etc.) as many offer API Gateway services.
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the API Gateway level to limit which IP addresses or ranges can access your APIs.
Secret Access Scope: Grants access to specific API endpoints and resources as defined by the API Gateway configuration. The scope depends on what APIs the key is authorized to access.
Secret Revokement URL: Varies by provider. For example: - AWS: https://docs.aws.amazon.com/apigateway/latest/developerguide/api- gateway-setup-api-key-with-console.html - Azure: https://learn.microsoft.com/en-us/azure/api-management/api- management-howto-create-subscriptions
Secret Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
Suspicious Activity Investigation Instructions:
- Review API Gateway logs for unusual request patterns or volumes
- Check for access from unexpected geographic locations or IP addresses
- Monitor for unusual API call rates or patterns that differ from normal usage
-
Look for attempts to access unauthorized endpoints or resources
-
Examine request headers and parameters for signs of injection attacks or
malicious payloads
Mitigation Instructions:
- Immediately revoke the compromised API key through your provider's management console
- Generate a new API key with appropriate permissions
- Update all legitimate applications to use the new API key
- Implement more restrictive access policies (IP restrictions, rate limiting)
- Consider implementing additional authentication methods like OAuth 2.0 or JWT
- Review and update API Gateway logging and monitoring settings
- Implement API request validation to prevent malicious inputs