FaunaDB Admin Key
Service Name: FaunaDB
Service Description: FaunaDB is a flexible, developer-friendly, transactional database delivered as a secure, cloud API with native GraphQL. It's a globally distributed, serverless database that combines the scalability of NoSQL with the relational capabilities and ACID consistency of SQL databases.
Service Address: https://fauna.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Fauna's security settings.
Secret Access Scope: Admin keys grant full access to all databases, collections, indexes, and documents within a Fauna account. They can create, read, update, and delete any resource, as well as manage users, roles, and permissions.
Secret Revokement URL: https://dashboard.fauna.com/keys/
Secret Example: fnAEpgT9XAACEgMQQISoGGWqsFFCDfgurC9kRSM
Suspicious Activity Investigation Instructions:
- Review the Fauna Dashboard activity logs for unusual database operations.
- Check for unexpected database, collection, or index creation.
- Monitor for unusual query patterns or high-volume data access.
- Look for unauthorized user creation or permission changes.
- Examine API request logs for access from unfamiliar IP addresses or locations.
Mitigation Instructions:
- Immediately revoke the compromised admin key through the Fauna Dashboard.
- Create a new admin key with a different name to replace the compromised one.
- Review and update any applications or services using the old key.
- Consider implementing more granular access control by creating keys with limited scopes.
- Enable IP-based restrictions for your Fauna account if not already in place.
- Audit all database resources for unauthorized changes or data exfiltration.
- Implement monitoring and alerting for suspicious database activities.