defsec icon indicating copy to clipboard operation
defsec copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

check: GCP project level API key restrictions

Open ryan-jan opened this issue 2 years ago • 1 comments

Provider GCP

Severity MEDIUM

Short Code

  • no-project-level-api-keys
  • require-project-level-api-key-restrictions

Description As described in CIS 1.3 for GCP, project level API keys should not be created. In the rare situation where it is necessary to create an API key, the key should have explicit restrictions configured. This issue proposes two new checks for this.

Notes I have already started implementing the code for these rules in my personal fork and will raise a PR once my other PRs are merged providing these two new checks are approved/accepted.

Link https://cloud.google.com/docs/authentication/api-keys

ryan-jan avatar Sep 05 '22 08:09 ryan-jan

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Oct 05 '22 15:10 github-actions[bot]