| CPC H04L 63/1416 (2013.01) | 17 Claims |

1. A method for cloud resource security, the method comprising:
recording, in an application programming interface (API) access log, for a request to a metadata server of respective metadata servers and from a first cloud resource of cloud resources (i) a resource identification of the first cloud resource, (ii) a first cloud provider identification of a first cloud provider that manages the first cloud resource, (iii) the metadata server identification associated with the metadata server, and (iv) a second cloud provider identification of a second cloud provider that manages the metadata server;
receiving, at a monitor device and from the first cloud resource of cloud resources hosted by the first cloud provider, a request for a token that uniquely identifies the first cloud resource, the request indicating a destination that is the metadata server, the metadata server provides secrets for accessing, from the first cloud resource, other cloud resources of the cloud resources;
comparing, based on entries in the API access log that details information of requests to access an API from the cloud resources, the first cloud provider and the second cloud provider; and
responsive to the first cloud provider being different from the second cloud provider, performing a security mitigation action.
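The comparison step of claim 1, sketched as an added example that is not part of the patent text: a monitor looks up the access-log entry for a token request and flags it when the provider managing the requesting resource differs from the provider managing the metadata server. The class and field names, the sample records, the identifier normalization and the `no_log_entry` outcome are assumptions made for illustration; the claim does not specify what the mitigation action is, so the sketch only returns a decision label.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessLogEntry:
    resource_id: str               # (i) resource identification
    resource_provider: str         # (ii) provider managing the resource
    metadata_server_id: str        # (iii) metadata server identification
    metadata_server_provider: str  # (iv) provider managing the metadata server

@dataclass(frozen=True)
class TokenRequest:
    resource_id: str   # resource asking for its identity token
    destination: str   # metadata server the request is addressed to

# Constructed sample data (hypothetical identifiers, not from the patent).
ACCESS_LOG = [
    AccessLogEntry("vm-a1", "provider-a", "md-a", "provider-a"),
    AccessLogEntry("vm-a2", "provider-a", "md-b", "provider-b"),
    AccessLogEntry("fn-b7", "Provider-B", "md-b", "provider-b "),
]
REQUESTS = [
    TokenRequest("vm-a1", "md-a"),
    TokenRequest("vm-a2", "md-b"),
    TokenRequest("fn-b7", "md-b"),
    TokenRequest("vm-x9", "md-a"),   # no matching log entry
]

def index_log(entries):
    """Index log entries by (resource, metadata server) for lookup."""
    return {(e.resource_id, e.metadata_server_id): e for e in entries}

def evaluate(request, log_index):
    """Return 'allow', 'mitigate' or 'no_log_entry' for one token request."""
    entry = log_index.get((request.resource_id, request.destination))
    if entry is None:
        # Assumption: without a log entry the providers cannot be compared,
        # so the request is surfaced separately instead of being allowed.
        return "no_log_entry"
    # Normalize so case or stray whitespace does not cause a false mismatch.
    src = entry.resource_provider.strip().lower()
    dst = entry.metadata_server_provider.strip().lower()
    return "mitigate" if src != dst else "allow"

def monitor(requests, entries):
    """Evaluate every token request against the API access log."""
    idx = index_log(entries)
    return [(r.resource_id, r.destination, evaluate(r, idx)) for r in requests]

if __name__ == "__main__":
    for row in monitor(REQUESTS, ACCESS_LOG):
        print(row)
```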