GCP Service Account Auth Key
Bridgecrew Policy ID: BC_GIT_79
Chekov Check ID: CKV_SECRET_79
Severity: MEDIUM
GCP Service Account Auth Key
Description
A Google Cloud Platform (GCP) service account auth key is a file that provides authentication credentials for a GCP service account. GCP service accounts are a way to authenticate and authorize applications and services running on GCP, and they can be used to access various GCP services, such as Cloud Storage, BigQuery, or Compute Engine.
Fix - Buildtime
GCP
To revoke the key
- Go to the GCP Console and navigate to the Service Accounts page.
- Find the service account associated with the auth key you want to revoke and click on it.
- Click on the "Keys" tab to see a list of all the auth keys associated with the service account.
- Find the auth key you want to revoke and click on the "Actions" button on the right side of the row.
- Select "Delete" from the dropdown menu.
- In the confirmation dialog that appears, click "Delete" to confirm the deletion of the auth key.
Updated about 1 month ago