Confluent Keys
Bridgecrew Policy ID: BC_GIT_32
Chekov Check ID: CKV_SECRET_32
Severity: LOW
Confluent Keys
Description
API keys for Confluent Cloud can be created with user and service accounts. A service account is intended to provide an identity for an application or service that needs to perform programmatic operations within Confluent Cloud. When moving to production, ensure that only service account API keys are used. Avoid user account API keys, except for development and testing. If a user leaves and a user account is deleted, all API keys created with that user account are deleted and might break applications.
Fix - Buildtime
Confluent Cloud
- From the appropriate API Access tab for the Kafka, Schema Registry, or ksqlDB resource, select the key that you want to delete.
- Click the trash icon. The Confirm API key deletion dialog appears.
- Click Confirm.
Updated 10 months ago