Tencent Cloud Keys
Service Name: Tencent Cloud
Service Description: Tencent Cloud is a secure, reliable and high-performance cloud computing service provided by Tencent, offering a comprehensive suite of cloud products including computing, storage, networking, databases, big data, and AI services.
Service Address: https://intl.cloud.tencent.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured through Tencent Cloud Access Management (CAM) policies to limit API access by source IP address.
Secret Access Scope: Grants programmatic access to Tencent Cloud resources and services through API calls. The scope depends on the permissions assigned to the associated account.
Secret Revokement URL: https://console.cloud.tencent.com/cam/capi
Secret Example:
SecretId: AKIDz8krbsJ5yKBZQpn74WFkmLPx3EXAMPLESecretKey: Gu5t9xGARNpq86cd98joQYCN3EXAMPLE
Suspicious Activity Investigation Instructions:
- Review CloudAudit logs for unusual API calls or resource access
- Check for unauthorized instances, databases, or other resources created in your account
- Monitor for unexpected spikes in resource usage or billing
- Review network traffic patterns for unusual outbound connections
- Check for changes to security groups, network ACLs, or IAM policies
Mitigation Instructions:
- Log in to the Tencent Cloud Console
- Navigate to Cloud Access Management (CAM)
- Select "API Keys" from the left navigation menu
- Locate the compromised API key and click "Disable" or "Delete"
- Create a new API key if needed
- Review and update the permissions associated with the user account
- Enable multi-factor authentication (MFA) for the account
- Consider implementing the Principle of Least Privilege for all API keys.
- Set up CloudAudit to monitor for suspicious activities
- Review and update security policies to prevent future compromises