Skip to content

Bamboo API Key

Service Name: Atlassian Bamboo

Service Description: Atlassian Bamboo is a continuous integration and deployment server that automates the building, testing, and deployment of software applications. It integrates with version control systems and provides build agents to run tests and deploy code.

Service Address: https://www.atlassian.com/software/bamboo

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the Bamboo instance level through Bamboo's security settings.

Secret Access Scope: Grants programmatic access to Bamboo resources, allowing users to trigger builds, access build results, manage plans, and perform other operations available through the Bamboo REST API.

Secret Revokement URL: https://confluence.atlassian.com/bamboo/personal-access-tokens-976779873.html

Secret Example: ATBBq0cxN7HvR5gXzYm9HpLT1234EXAMPLE

Suspicious Activity Investigation Instructions:

  • Review Bamboo audit logs for unusual API calls or access patterns
  • Check for unauthorized build plan modifications or deployments
  • Monitor for unexpected build triggers or configuration changes
  • Examine access logs for connections from unusual IP addresses or locations
  • Review any changes to build configurations or deployment environments

Mitigation Instructions:

  • Log in to your Bamboo instance as an administrator

  • Navigate to your user profile by clicking on your avatar in the top-right corner

  • Select "Personal access tokens" from the menu
  • Locate the compromised token in the list
  • Click the "Revoke" button next to the token
  • Create a new token with appropriate permissions if needed
  • Update any legitimate applications or scripts that were using the revoked token
  • Review and adjust token permissions to follow the principle of least privilege