Tencent Cloud API Key
Service Name: Tencent Cloud
Service Description: Tencent Cloud is a secure, reliable and high-performance cloud computing service provided by Tencent, offering a comprehensive suite of cloud products including computing, storage, networking, databases, big data, and AI services.
Service Address: https://intl.cloud.tencent.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the CAM (Cloud Access Management) level for API access.
Secret Access Scope: Grants programmatic access to Tencent Cloud resources and services based on the permissions associated with the API key.
Secret Revokement URL: https://console.cloud.tencent.com/cam/capi
Secret Example: AKIDz8krbsJ5yKBZQpn74WFkmLPx3EXAMPLE (SecretId) Gu5t9xGARNpq86cd98joQYCN3EXAMPLE (SecretKey)
Suspicious Activity Investigation Instructions:
- Review CloudAudit logs for unusual API calls or resource access.
- Check the Tencent Cloud Console for unexpected resource creation or modification.
- Monitor for unauthorized service usage or unusual traffic patterns.
- Review billing information for unexpected charges or resource usage.
- Check for API calls from unfamiliar IP addresses or locations.
Mitigation Instructions:
- Log in to the Tencent Cloud Console.
- Navigate to the CAM (Cloud Access Management) service.
- Select "API Keys" from the left navigation menu.
- Locate the compromised API key and select Disable to temporarily deactivate it.
- Select Delete to permanently remove the compromised key.
- Create a new API key with appropriate permissions.
- Update all legitimate applications and services to use the new API key.
- Review and update IAM policies to follow the Principle of Least Privilege.
- Consider implementing API key rotation policies.
- Enable multi-factor authentication for all user accounts with access to API keys.