๐ผ 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 1 (Manual)
- Contextual name: ๐ผ 1.13 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 1 (Manual)
- ID:
/frameworks/cis-gcp-v1.3.0/01/13 - Located in: ๐ผ 1 Identity and Access Management
Descriptionโ
Unrestricted keys are insecure because they can be viewed publicly, such as from within a browser, or they can be accessed on a device where the key resides. It is recommended to restrict API key usage to trusted hosts, HTTP referrers and apps.
Similarโ
- Internal
- ID:
dec-c-8df4bd26
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|