| ▲ | hedora 6 hours ago | |
Is there an easy way to know if I'm vulnerable to this? Like some dashboard page that lists all the API keys with "revoke" buttons? I did something or another with a google API years ago, and am not looking forward to a random surprise bill. They don't have my credit card, so maybe that'd solve the problem. On the other hand, they could hold a gmail account hostage. | ||
| ▲ | drewnick 4 hours ago | parent [-] | |
You should definitely log in to Google Cloud Console and roll all the keys you see in there if you're unsure. I just did the same thing after I realized I had a lot of surface area with these keys. | ||