Tencent Cloud CAM Key
Service Name: Tencent Cloud
Service Description: Tencent Cloud is a cloud computing service provided by Tencent, offering a suite of cloud products including computing, data storage, security, and AI services. Cloud Access Management (CAM) is Tencent Cloud's permission and access management service.
Service Address: https://intl.cloud.tencent.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the CAM policy level to limit API access to specific IP ranges.
Secret Access Scope: Grants programmatic access to Tencent Cloud resources and services based on the permissions assigned to the associated CAM user or role.
Secret Revokement URL: https://console.cloud.tencent.com/cam/capi
Secret Example: AKIDz8krbsJ5yKBZQpn74WFkmLPx3EXAMPLE (SecretId) Gu5t9xGARNpq86cd98joQYCN3EXAMPLE (SecretKey)
Suspicious Activity Investigation Instructions:
- Review CloudAudit logs for unusual API calls or resource access.
- Check the Tencent Cloud Console for unexpected resource creation or modification.
- Monitor for unauthorized service usage or unusual traffic patterns.
- Review login history and API call history for the affected CAM user.
- Check for unexpected changes to CAM policies or permissions.
Mitigation Instructions:
- Log in to the Tencent Cloud Console and navigate to the CAM service.
- Select "API Keys" from the left navigation menu.
- Locate the compromised API key and select Disable to temporarily revoke access.
- Select Delete to permanently remove the compromised key.
- Create a new API key if needed.
- Review and update CAM policies to enforce the Principle of Least Privilege.
- Enable multi-factor authentication for all CAM users.
- Consider implementing IP restrictions for API access.
- Review and rotate all other API keys as a precaution.