Does anyone know if and how both the creation and usage of an AI Studio API Key is logged (in GCP_CLOUDAUDIT logs)?
Question
Logs for Google AI Studio Keys in Google Cloud?
+19- Community Manager
Hi
+11Regular AI Studio or Vertex AI Studio?
As the regular AI Studio exists outside of GCP, I would not expect API key creation to be logged to the Cloud Audit logs.
For Vertex AI Studio, the creation, modification, or deletion of an API key would be considered an Admin Activity and would be logged to GCP_CLOUDAUDIT. The actual use of the key to make requests is tracked via Data Access logs and would need to be enabled.
+9- Silver 2
I’m talking about API keys created at https://aistudio.google.com. You must provide a GCP Project ID when creating a key; that’s why I thought it could be logged in GCP audit logs.
If someone steals these keys, they can use them in their own tools.
According to Google's blog, threat actors could be targeting exactly this type of keys.
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.