07 Jan 2020 02:38 AM
Just input for Dynatrace.
During the creation of a new API token for cluster management, there are 2 kinds of access you can grant to the new token:
1) Cluster token management
2) Service Provider API
If I choose both, it asks not to put all access into 1 token, for security reasons. OK, fine, split into 2 tokens. Then Save.
Until I realize that another admin has the same token that I just generated.
What kind of security is this?
If 1 of the admins got hacked, we are doomed.
Dynatrace Cluster version 1.178.128,20191030-143701
07 Jan 2020 02:56 PM
Hi Sebastian,
thanks for sharing your feedback. Indeed, if a token gets leaked, you are doomed - that's why you should keep your tokens safe, e.g. never store them as plaintext in your configuration repository or scripts.
As the warning suggests - you should keep the scope of the token as low as possible to minimize the impact of token leakage.
Moreover, I encourage you to implement token rotation by using the Cluster API (/tokens).
As you are all cluster administrators - you all should share the same principles of security.
What else can I help you with?