Hi everyone,
I'm facing a critical remediation blocker following a "Hijacked Resource" suspension on theproject. While I am eager to secure my environment and rotate all potentially compromised credentials, I am trapped in a redirect loop that prevents administrative action.
The Technical Problem:
Whenever I navigate to IAM & Admin or APIs & Services, the GCP Console performs a forced redirect to the suspension warning page. This means I cannot revoke existing API keys or Audit Service Account activity through the standard UI.
Investigation Status:
- Audit: Local
.envfiles and Git history have been reviewed, but I suspect a credential may have been intercepted or leaked elsewhere. - Timeline: Appeal submitted 7+ days ago; no response received. Production environment remains offline.
Seeking Expert Advice on:
- Programmatic Revocation: What is the specific
gcloudsyntax to force-delete all active API keys when the project status is "Suspended"? - Log Retrieval: Can I export Activity Logs or VPC Flow Logs via the SDK to pinpoint the source of the "abusive activity" and confirm the leak is plugged?
- Trust & Safety Contact: Is there a way to provide "Proof of Remediation" to the safety team when you are physically blocked from the UI tools needed to fix the issue?
I am ready to perform a full credential rotation immediately if I can bypass the console redirect. Any guidance from the community or the Google team would be appreciated.
