Skip to content

Yandex Cloud API Key

Service Name: Yandex Cloud

Service Description: Yandex Cloud is a public cloud platform that provides infrastructure, storage, computing, and AI services. It offers a range of cloud services including virtual machines, managed databases, object storage, and machine learning tools.

Service Address: https://cloud.yandex.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the service level using Yandex Cloud's network security features.

Secret Access Scope: Grants programmatic access to Yandex Cloud resources and services, allowing management of cloud infrastructure, data storage, and other cloud services.

Secret Revokement URL: https://cloud.yandex.com/en/docs/iam/operations/api-key/delete

Secret Example: AQVN1XfF00000000gMs1GSy1a5HxRRRRRRRRRRRR

Suspicious Activity Investigation Instructions:

  • Review Yandex Cloud audit logs for unusual API calls or resource access.
  • Check for unauthorized resource creation or modification in your Yandex Cloud account.
  • Monitor for unexpected changes in billing or resource usage.
  • Examine access patterns for geographic anomalies or access from unusual locations.
  • Review network traffic to identify any suspicious data transfers.

Mitigation Instructions:

  • Immediately revoke the compromised API key through the Yandex Cloud console.
  • Navigate to the IAM section in the Yandex Cloud console.
  • Select Service accounts and locate the affected service account.
  • Delete the compromised API key.
  • Create a new API key with appropriate permissions if needed.
  • Review and update IAM policies to enforce the Principle of Least Privilege.
  • Enable additional security features like multi-factor authentication for your Yandex Cloud account.
  • Implement monitoring and alerting for suspicious activities in your Yandex Cloud environment.