Is it a best practice to set multiple API keys for various deployment methods in an organization?

Setting multiple API keys for various deployment methods in an organization is considered best practice as it enhances security and management of access to Datadog’s services. Each API key can be configured with a specific scope, allowing organizations to limit permissions according to the needs of each deployment environment or method. This granularity ensures that an API key has access only to the data and functionalities necessary for its specific purpose, reducing the risk of unintended access or abuse.

For example, a staging environment may require different monitoring capabilities than a production environment, and thus having separate API keys allows for tailored permissions. This approach also simplifies troubleshooting and auditing, as it is easier to track API usage and access patterns when keys are assigned specific purposes. Additionally, if one key is compromised, only the operations tied to that key would be at risk, not the entire system.

Implementing API keys with distinct scopes is a proactive way to enhance security, comply with organizational policies, and maintain operational integrity across various deployment workflows.