💼 1.14 Ensure API keys are restricted to only APIs that application needs access - Level 1 (Manual)

ID: /frameworks/cis-gcp-v1.2.0/01/14

Description

API keys are insecure because they can be viewed publicly, such as from within a browser, or they can be accessed on a device where the key resides. It is recommended to restrict API keys to use (call) only APIs required by an application.

Similar

Sections
- /frameworks/cis-gcp-v1.3.0/01/14
Internal
- ID: dec-c-0d599691

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS GCP v1.3.0 → 💼 1.14 Ensure API Keys Are Restricted to Only APIs That Application Needs Access - Level 1 (Manual)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS GCP v1.3.0 → 💼 1.14 Ensure API Keys Are Restricted to Only APIs That Application Needs Access - Level 1 (Manual)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ Google API Key is not restricted for unused APIs🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​