💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 1 (Manual)
- ID:
/frameworks/cis-gcp-v1.3.0/01/13
Description
Unrestricted keys are insecure because they can be viewed publicly, such as from within a browser, or they can be accessed on a device where the key resides. It is recommended to restrict API key usage to trusted hosts, HTTP referrers and apps.
Similar
- Sections
/frameworks/cis-gcp-v2.0.0/01/13/frameworks/cis-gcp-v1.2.0/01/13
- Internal
- ID:
dec-c-8df4bd26
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS GCP v1.2.0 → 💼 1.13 Ensure API keys are restricted to use by only specified Hosts and Apps - Level 1 (Manual) | 1 | no data | |||
| 💼 CIS GCP v2.0.0 → 💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 2 (Manual) | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS GCP v1.2.0 → 💼 1.13 Ensure API keys are restricted to use by only specified Hosts and Apps - Level 1 (Manual) | 1 | no data | |||
| 💼 CIS GCP v2.0.0 → 💼 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 2 (Manual) | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google API Key is not restricted for unspecified hosts and apps🟢⚪ | 🟢 x2, ⚪ x1 | no data |