Skip to main content

Documentation Index

Fetch the complete documentation index at: https://budecosystem-b7b14df4.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Security Model

API key security in Bud should combine product controls (mask/reveal, scoped keys, confirmations) with team process controls (ownership, rotation, least privilege).

Scope and ownership

  • Issue keys per project/team, not shared globally.
  • Assign clear owner for each key.

Expiry and budget

  • Prefer shorter expiry windows (30 days when possible).
  • Always set max budget for project keys to cap spend risk.

Secret handling

  • Keep keys masked by default; reveal only for immediate use.
  • Copy keys only in trusted environments.
  • Avoid posting keys in tickets, chat, or logs.

Lifecycle governance

  • Rotate keys on schedule and after incidents.
  • Delete obsolete keys promptly.
  • Review last-used metadata before decommissioning.

Team Runbook Essentials

  1. Define a key naming standard (team, system, environment).
  2. Standardize rotation windows.
  3. Document break-glass process for emergency revocation.
  4. Track key changes in change-management logs.
If a key is suspected compromised, rotate immediately, validate consumer cutover, and revoke the old key without waiting for regular cadence.