💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)

Contextual name: 💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)
ID: /frameworks/cis-gcp-v3.0.0/01/12
Located in: 💼 1 Identity and Access Management

Description

API Keys should only be used for services in cases where other authentication methods are unavailable. Unused keys with their permissions in tact may still exist within a project. Keys are insecure because they can be viewed publicly, such as from within a browser, or they can be accessed on a device where the key resides. It is recommended to use standard authentication flow instead.

Similar

Sections
- /frameworks/cis-gcp-v2.0.0/01/12
Internal
- ID: dec-c-377e5434

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS GCP v2.0.0 → 💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS GCP v2.0.0 → 💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 Google Project has API Keys 🟢	1	🟠 x1, 🟢 x5

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​