---
names: 
  full: "Google API Key is not rotated every 90 days"
  contextual: "API Key is not rotated every 90 days"
description: "API Keys should only be used for services in cases where other authentication methods \ 
  are unavailable. If they are in use it is recommended to rotate API keys every 90 days."
type: COMPLIANCE_POLICY
categories:
  - "SECURITY"
frameworkMappings:
  - /frameworks/cis-gcp-v4.0.0/01/15
  - /frameworks/cloudaware/secret-and-certificate-governance/expiration-management
  - /frameworks/nist-sp-800-53-r5/pl/08
  - /frameworks/nist-sp-800-53-r5/sa/08
  - /frameworks/pci-dss-v4.0/02/02/02
  - /frameworks/pci-dss-v4.0/06/02/01
  - /frameworks/iso-iec-27001-2022/08/27
  - /frameworks/nist-csf-v1.1/pr-ip/02
similarPolicies:
  cloudConformity:
    - url: "https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/gcp/CloudAPI/rotate-api-keys.html"
      name: "Rotate Google Cloud API Keys"