PlanetScale Token
Service Name: PlanetScale
Service Description: PlanetScale is a serverless database platform built on Vitess, a MySQL-compatible database system designed for horizontal scaling. It provides a cloud-hosted MySQL-compatible database service with features like branching, non-blocking schema changes, and automatic scaling.
Service Address: https://planetscale.com/
Validation Type: API Auth
IP Allow list: IP allow lists can be configured at the database level through PlanetScale's access control settings.
Secret Access Scope: PlanetScale tokens grant programmatic access to databases and can have different permission levels (read-only, read-write, or admin) depending on how they were created.
Secret Revokement URL: https://planetscale.com/docs/concepts/password-management#revoking-passwords
Secret Example: pscale_tkn_abcdefghijklmnopqrstuvwxyz0123456789
Suspicious Activity Investigation Instructions:
- Review the PlanetScale audit logs for unusual database access or operations
- Check for unexpected schema changes or data modifications
- Monitor for unusual query patterns or high-volume data access
- Verify if the token has been used from unexpected geographic locations
- Review database branch creation, merging, or deletion activities
Mitigation Instructions:
-
Log in to your PlanetScale account dashboard
-
Navigate to the database settings where the compromised token was created
- Locate the token in the "Passwords" section
- Click on the "Revoke" button next to the compromised token
- Create a new token with appropriate permissions to replace the revoked one
- Update any applications or services that were using the old token
- Consider implementing more restrictive permissions for the new token
- Enable IP allow listing for additional security if not already configured