💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)

ID: /frameworks/cis-gcp-v4.0.0/01/12

Stats

not available

Description

API Keys should only be used for services in cases where other authentication methods are unavailable. Unused keys with their permissions in tact may still exist within a project. Keys are insecure because they can be viewed publicly, such as from within a browser, or they can be accessed on a device where the key resides. It is recommended to use standard authentication flow instead.

Similar

Sections
- /frameworks/cis-gcp-v5.0.0/01/13
- /frameworks/cis-gcp-v3.0.0/01/12

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS GCP v3.0.0 → 💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)			1		no data
💼 CIS GCP v5.0.0 → 💼 1.13 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS GCP v3.0.0 → 💼 1.12 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)			1		no data
💼 CIS GCP v5.0.0 → 💼 1.13 Ensure API Keys Only Exist for Active Services - Level 2 (Automated)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ Google Project has API Keys🟢	1	🟠 x1, 🟢 x5	no data

Stats​

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​