Skip to main content

💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 1 (Manual)

Contextual name: 💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 1 (Manual)
ID: /frameworks/cis-gcp-v1.3.0/01/13
Located in: 💼 1 Identity and Access Management

Description

Unrestricted keys are insecure because they can be viewed publicly, such as from within a browser, or they can be accessed on a device where the key resides. It is recommended to restrict API key usage to trusted hosts, HTTP referrers and apps.

Similar

Sections
- /frameworks/cis-gcp-v2.0.0/01/13
- /frameworks/cis-gcp-v1.2.0/01/13
Internal
- ID: dec-c-8df4bd26

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS GCP v1.2.0 → 💼 1.13 Ensure API keys are restricted to use by only specified Hosts and Apps - Level 1 (Manual)			1
💼 CIS GCP v2.0.0 → 💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 2 (Manual)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS GCP v1.2.0 → 💼 1.13 Ensure API keys are restricted to use by only specified Hosts and Apps - Level 1 (Manual)			1
💼 CIS GCP v2.0.0 → 💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 2 (Manual)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 Google API Key is not restricted for unspecified hosts and apps 🟢		🟢 x3

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (1)