You can configure alert notifications for abnormal AccessKey pair-based access. If an unhandled event of abnormal AccessKey pair-based access is detected, Data Security Center (DSC) sends an alert notification to the required recipients to provide real-time threat intelligence. This helps the recipients identify object leaks at the earliest opportunity. Notifications can be sent only by email.
Prerequisites
The data detection and response feature is activated. For more information, see Enable data detection and response.
Background information
For more information about AccessKey pair leak detection and alerting, see Overview.
Procedure
Log on to the DSC console.
In the left-side navigation pane, choose
On the Alert notification tab, click Create Alert Configuration.
In the Add Alert Rule panel, select an alert method and configure the recipients.
Select an alert method. Valid values: Mailbox and Text Message.
Verify the recipients.
To prevent alert notifications from being sent to an unauthorized email address or mobile phone number, you must enter a verification code to verify the ownership of the email address or mobile phone number before you add the email address or mobile phone number to the recipient list. Verified email addresses or mobile phone numbers are automatically added to the recipient list. Perform the following steps to complete verification:
In the Email address verification or Mobile Number Verification field, enter the required information and click Get Verification Code.
Enter the verification code in the verification code field and click Verification.
In the Recipients section, add recipients from the Optional Recipients list to the Selected Recipients list.
Configure the Alert Type and Maximum Alerts parameters and click OK.
| Parameter | Description |
| --- | --- |
| Alert Configurations | Select Unusual AccessKey Pair Usage. |
| Maximum Alerts | The maximum number of notifications that can be sent for the alerts triggered by a single rule within 24 hours. Valid values: 0 to 10. Default value: 10. The accumulated number of notifications is cleared at 00:00 each day. If you set the parameter to 0, no alert notification is sent. |
What to do next
View the leaked AccessKey pairs and the alert events generated for access to authorized OSS buckets by using leaked or specified AccessKey pairs. Identify the risks and take proper measures to mitigate the risks. For more information, see View leaked AccessKey pairs and alerts for abnormal AccessKey pair-based access.
Based on the leaked AccessKey pairs and abnormal access behavior, take appropriate measures to handle the leaked AccessKey pairs and manage the access control policies of OSS buckets and objects. For more information, see Handle AccessKey pair leaks and alerts for abnormal access.