Skip to content

Cloudant Credentials

Service Name: IBM Cloudant

Service Description: IBM Cloudant is a fully managed, distributed database service that is based on Apache CouchDB. It's designed for modern web and mobile applications that require seamless data synchronization and offline capabilities.

Service Address: https://www.ibm.com/cloud/cloudant

Validation Type: API Auth

IP Allow list: IP restrictions can be configured through IBM Cloud IAM policies and network access policies.

Secret Access Scope: Grants programmatic access to Cloudant databases, including the ability to create, read, update, and delete documents, as well as manage database configurations.

Secret Revokement URL: https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-service-credentials

Secret Example:

{
  "username": "58a4d8b7-5e10-4b7f-9de8-f93c4e5fb9c7-bluemix",
  "password": "7a93f2d579b9a0b9f80df257cc56fd07cb0ca272fc8ae6a1",
  "host": "58a4d8b7-5e10-4b7f-9de8-f93c4e5fb9c7-bluemix.cloudantnosqldb.appdomain.cloud",
  "port": 443,
  "url": "https://58a4d8b7-5e10-4b7f-9de8-f93c4e5fb9c7-bluemix:7a93f2d579b9a0b9f80df257cc56fd07cb0ca272fc8ae6a1@58a4d8b7-5e10-4b7f-9de8-f93c4e5fb9c7-bluemix.cloudantnosqldb.appdomain.cloud"
}

Suspicious Activity Investigation Instructions:

  • Review Cloudant activity logs for unauthorized database access or modifications.
  • Check for unusual query patterns or data extraction operations.
  • Monitor for unexpected database creation, deletion, or permission changes.
  • Verify if there are any unexpected replications set up to external databases.
  • Examine authentication logs for failed login attempts or access from unusual locations.

Mitigation Instructions:

  • Immediately revoke the compromised service credentials through the IBM Cloud dashboard.
  • Create new service credentials with appropriate access levels.
  • Update all applications using the old credentials to use the new ones.
  • Enable IAM authentication if not already in use for better access control.
  • Implement IP allowlisting to restrict access to trusted networks only.
  • Review and update database permissions to ensure Principle of Least Privilege access.
  • Enable audit logging to monitor future database activities.
  • Consider implementing database encryption for sensitive data.