Terraform Cloud Token
Description
General
- Documentation: https://www.terraform.io/docs/cloud/users-teams-organizations/api-tokens.html
- Summary: Terraform is a product built by HashiCorp to help organizations manage their software infrastructure. This detector detects the three types of tokens used to interact with the API: user, teams and organization tokens.
- IPs allowlist: This feature is not described in the documentation.
- Scopes: The different scopes available for tokens are described in the access levels documentation.
Revoke the secret
Tokens can be revoked from the API. As an example, this is the request to revoke a user token.
Check for suspicious activity
Terraform doesn't provide a way to check for suspicious activity.
Details for Terraform Cloud Token
-
Family: token
-
Category: cloud_provider
-
Company: Terraform
-
High recall: True
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: True
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 0.74
-
Prefixed: True
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- \.atlasv1\.
Examples
- text: |
"token": "yaALfD5CKdorzg.atlasv1.K1lUlJwaAZ0MAAIVakIUVJnfcwkrz9feswayIacpYfY6el7AM5QpUlgbbVoHFfnG8kQ"
apikey: yaALfD5CKdorzg.atlasv1.K1lUlJwaAZ0MAAIVakIUVJnfcwkrz9feswayIacpYfY6el7AM5QpUlgbbVoHFfnG8kQ
Secret Analyzer
Analysis Method
- Provider allows scopes enumeration: True
- Total network call count: 1
- Total call count may vary: False
HTTP Calls
Requests are designed to capture metadata and not to function effectively.
- GET: /api/v2/account/details
Other Calls
Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.
