Today Google sent me a very alarmist email about some new feature they are turning on automatically. They had instructions on how to disable it, however it seems to require your projects to be in an organization.
My projects are not in an organization, I am the sole owner of these projects. Is it possible to disable this feature without an organization, I get permissions errors when I try, despite being the (sole) Owner of each of these projects.
It's not even clear whether this will be enabled for projects that aren't part of an organization. I actually wanted to opt in early for a particular project and found that I couldn't. Some more clarity would be appreciated.
My worry is that leaked key detectors routinely flag client side keys (like firebase configs that ship in your JS code directly, i.e. not secure at all), and it's not clear if this new feature is going to apply to these or not.
I never turned on a Google workspace for my domains, and it doesn't seem to be possible to make an organization anymore without that.
Technically those are not service account keys, so I would hazard a guess that they won't be affected, but it's still a valid concern.
Note that disabling all the service accounts will probably have unintended consequences, as they are used for all sorts of automation within Google Cloud. If you haven't created and downloaded keys for service accounts to be used elsewhere, you don't have anything to worry about. Also, the accounts representing real people (owners, editors, etc.) that you mentioned are normally not related/connected to service accounts.
The instructions can be found at the link OP shared, and yes, it appears you do need an organization.
The question is what happens if you don't have an organization? It also seems like you can no longer create an organization without signing up for additional services, now that workspace is not available for personal use.
They really need to improve their documentation to make the behavior clear.
Hi @zzorba, did you find out something new in the meantime? ๐