Tanzu API Key
Service Name: VMware Tanzu
Service Description: VMware Tanzu is a suite of products and services for modernizing applications and infrastructure with a common goal: deliver better software to production. It provides tools for building, running, and managing modern applications on any cloud.
Service Address: https://tanzu.vmware.com/
Validation Type: -
IP Allow list: IP restrictions can be configured at the VMware Tanzu platform level through network policies and access controls.
Secret Access Scope: Grants programmatic access to VMware Tanzu services, including Kubernetes clusters, application services, and management APIs.
Secret Revokement URL: https://docs.vmware.com/en/VMware-Tanzu/services/tanzu-api-management/GUID-index.html
Secret Example: tanzu-api-1234567890abcdef1234567890abcdef
Suspicious Activity Investigation Instructions:
- Review access logs in the Tanzu Mission Control or Tanzu Application Service dashboards
- Check for unauthorized cluster access or application deployments
- Monitor for unusual API calls or resource creation
- Examine audit logs for unexpected configuration changes
- Verify if there are any unauthorized users or service accounts created
Mitigation Instructions:
-
Log in to the VMware Tanzu portal or management console
-
Navigate to the API tokens or credentials management section
- Locate the compromised API key and revoke/delete it
- Generate a new API key if needed
- Update any legitimate applications or services using the old key
- Review and tighten access controls for API keys
- Consider implementing shorter rotation periods for API keys
- Enable additional security features like IP restrictions if available