tencent cloud

Feedback

Downloading Security Analysis Report

Last updated: 2021-12-08 10:38:45

    Overview

    You can download a user credential report to view the credential status of all Tencent Cloud sub-accounts and their sub-users, as well as the console login password, access key and account security settings. This report can also be used for compliance audit.

    Directions

    1. Log in to the CAM console, and click Overview in the left sidebar.
    2. In the “Security Analysis Report” module, click Download User Credential Report and complete identity verification as prompted. Then the report will be automatically generated.
    3. After downloading the report, you can view it locally.
      Note:

      A user credential report in CSV format is generated in the console every four hours. If you click Download User Credential Report within four hours after the last report is generated, you will get the same report rather than a new one.

    Report Format

    The user credential report is in CSV format. You can use common spreadsheet software to open the CSV file for further analysis or use the file programmatically and perform custom analysis.
    The CSV file contains the following information:

    Field Description Value
    AccountID Account ID Sub-account ID
    Username Username Sub-account username
    UserType User type
  • Sub-user: sub-user
  • Collaborator: collaborator
  • WeWork-Sub-user: WeCom sub-user
  • Message-receiver: message recipient
  • CreationTime Creation time Sample value: 2019/8/16 9:25:56
    PasswordEnabled Whether the console login password is enabled
  • TRUE: enabled
  • FALSE: disabled. Console access is disabled and the login password is not set.
  • not_supported: not supported. A WeCom sub-user logs in by scanning the QR code without a password. A message recipient only receives messages and does not have a password. A collaborator logs in as a root account and is not subject to this field.
  • PasswordLastRotation Time when the password was last modified
  • FALSE: Console access is disabled and the login password is not set.
  • not_supported: not supported. A WeCom sub-user logs in by scanning the QR code without a password. A message recipient only receives messages and does not have a password. A collaborator logs in as a root account and is not subject to this field.
  • LoginConsoleActive Whether console login is supported
  • TRUE: enabled
  • FALSE: disabled
  • not_supported: not supported. A message recipient only receives messages and does not have a login password. A collaborator logs in as a root account and is not subject to this field.
  • LoginProtectionActive Whether login protection is enabled
  • TRUE: enabled
  • FALSE: disabled
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • OperationProtectionActive Whether operation protection is enabled TRUE: enabled
    FALSE: disabled
    not_supported: not supported. A message recipient only receives messages and does not have a login password.
    MFADeviceActive Whether MFA is enabled
  • TRUE: enabled
  • FALSE: disabled
  • not_supported: not supported. A message recipient only receives messages and does not have a login password. The sub-user has not been bound to a mobile number or WeChat account.
  • Abnormal LoginsNumWithin30Days Whether suspicious login behavior is detected in 30 days
  • TRUE: suspicious login behavior detected
  • FALSE: suspicious login behavior not detected
  • AccessKey1SecretId SecretId of key 1 N/A: no key
    AccessKey1MayBeAtRisk Whether key 1 has leakage risk
  • TRUE: at risk
  • FALSE: no risk
  • N/A: no key 1
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey1CreationTime Creation time of key 1
  • N/A: no key 1
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey1Status Status of key 1
  • Active: enabled
  • Disable: disabled
  • N/A: no key 1
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey1lastUsedDate Time when key 1 was last used
  • N/A: no key 1
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey1CreatedOver90Days Whether key 1 has been created for over 90 days
  • N/A: no key 1
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey1CreatedOver30Days Whether key 1 has been created for over 30 days
  • N/A: no key 1
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey2SecretId SecretId of key 2 N/A: no key 2
    AccessKey2MayBeAtRisk Whether key 2 has leakage risk
  • TRUE: at risk
  • FALSE: no risk
  • N/A: no key 2
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey2CreationTime Creation time of key 2
  • N/A: no key 2
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey2Status Status of key 2
  • Active: enabled
  • Disable: disabled
  • N/A: no key 2
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey2lastUsedDate Time when key 2 was last used
  • N/A: no key 2
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey2CreatedOver90Days Whether key 2 has been created for over 90 days
  • N/A: no key 2
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • AccessKey2CreatedOver30Days Whether key 2 has been created for over 30 days
  • N/A: no key 2
  • not_supported: not supported. A message recipient only receives messages and does not have a login password.
  • Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support