Home > Software design >  Restric GCP API Key To A Subset Of Endpoints For A Given API
Restric GCP API Key To A Subset Of Endpoints For A Given API

Time:10-26

As per the docs on Adding API Restrictions to API keys, I have specified a single GCP API that I'd like a particular API key to be able to operate on (in my case; Error Reporting).

However the Error Reporting REST API has a lot of capabilities that I'd rather not allow this API key to operate on ... in fact, there's only a single endpoint in that REST API that I'd like to allow my API key to call.

Thus, how do I restrict an API key to only access a subset of endpoints for a given GCP API.

CodePudding user response:

You cannot.

APIs apply to a set of services and for each, all of its methods.

If you can, you should consider using a more precise credential like a Service Account.

CodePudding user response:

In the Error Reporting API, if you want to further restrict the API Key so that it can only call certain methods of the REST API, then further restrictions can be added to the API key by optionally specifying the methods in the Error Reporting service.

  • Related