πΌ 3.1.6 Ensure that usage is restricted and expiry is enforced for Databricks personal access tokens (Manual)
- Contextual name: πΌ 3.1.6 Ensure that usage is restricted and expiry is enforced for Databricks personal access tokens (Manual)
- ID:
/frameworks/cis-azure-v4.0.0/03/01/06
- Located in: πΌ 3.1 Azure Databricks
Descriptionβ
Databricks personal access tokens (PATs) provide API-based authentication for users and applications. By default, users can generate API tokens without expiration, leading to potential security risks if tokens are leaked, improperly stored, or not rotated regularly.
To mitigate these risks, administrators should: β’ Restrict token creation to approved users and service principals. β’ Enforce expiration policies to prevent long-lived tokens. β’ Monitor token usage and revoke unused or compromised tokens.
Similarβ
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)β