API

Google Cloud Service Account key created

Docs > Plateforme de sécurité Datadog > OOTB Rules > Google Cloud Service Account key created

Classification:

attack

Tactic:

TA0003-persistence

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Goal

Detect when a new service account key is created. An attacker could use this key as a backdoor to your account.

Strategy

This rule lets you monitor Google Cloud Admin activity audit logs to detect the creation of a service account key.

Triage and response

Contact the user who created the service account key to ensure they’re managing the key securely.

Changelog

31 January 2023 - Updated tags.