Don't let a leaked API key
destroy your month.

CloudSentinel watches your Google Cloud API keys and shuts them down automatically if something looks wrong. Set a limit, we handle the rest.

Get Early Access — It's Free

No spam. No auto-charge. We'll reach out personally.

Takes 5 minutes to set up
No credit card required
Built for small teams
Request-based. Not billing-based.

The Problem

Google Cloud doesn't automatically shut down a leaked key. You have to catch it yourself.

By the time you notice, the damage is already done.

Budget alerts don't stop anything

They send you an email. Hours after the damage is done. There's no built-in way to automatically stop a key that's being abused.

Billing data arrives too late

Google's billing data can lag 4-12 hours. A leaked key can rack up thousands before a single alert fires.

You can't watch your keys 24/7

Attacks happen at night, on weekends, during holidays. Nobody is sitting at a dashboard waiting to manually revoke a key.

gcp-billing-monitor — live
[02:14:33] api_key: AIzaSy•••••••••
[02:14:33] requests_today: 1,240
[02:14:34] requests_today: 4,892
[02:14:35] requests_today: 19,442 ⚠ anomaly detected
[02:14:35] estimated_bill: $847.00
[02:14:36] estimated_bill: $3,291.00
[02:14:36] estimated_bill: $9,104.00
[02:14:37] STATUS: NO AUTOMATED RESPONSE
[02:14:37] STATUS: MANUAL INTERVENTION REQUIRED

Real Incidents

This has happened to real people.

These are real posts from real developers. One leaked key. No automatic kill switch.

$82,314
in 48 hours

A 3-person startup's Gemini API key was silently reauthorized. Normal monthly spend was $180.

Read the full story →
$55,444
over 3 months undetected

A student pushed their API key to a private GitHub repo that was accidentally public. They were on summer break and never saw the alerts.

Read the full story →
$60,000
unexpected charge

A developer got hit with a $60K unexpected cloud bill with no warning. No automatic protection existed to stop it.

Read the full story →
₹14,000
after free trial credits ran out

A first-time GCP user lost their entire $300 free trial credits to an accidentally left-running instance with no notification.

Read the full story →
These are publicly shared stories. Links go directly to the original Reddit posts.

How It Works

Set a limit. We watch it. Key gets shut down automatically.

Three steps. Takes about 5 minutes.

01

Connect your GCP project

Grant CloudSentinel a minimal role inside your project. It can read key info and shut down a specific key — nothing else.

02

Set a request limit per key

Tell us how many requests per minute looks normal for each key. We create a monitoring rule inside your own GCP project. Google watches your usage — we just listen.

03

Sleep without worrying

The moment a key crosses your limit, we shut it down automatically. You get an email. Your key is already dead. No console login, no manual action, no 3am panic.

How much control do you want?

Recommended

We handle the setup

Grant our role and we create the monitoring rules automatically. Set your limits in our dashboard, we do the rest.

Best for: teams who want zero setup

You handle the setup

Follow our step-by-step instructions to create your own monitoring rules. Grant us only the permission to shut down a key when triggered. Full control stays with you.

Best for: teams who want full control

We can't create keys. Ever.

Our access is intentionally limited to shutting keys down — not creating them. Even if CloudSentinel itself were compromised, an attacker could only remove access, never create new infrastructure in your project. And we can only delete the exact key you added — not any other key in your project. Your delete permission is scoped to a specific key resource name using GCP IAM Conditions — not your whole project.

Why CloudSentinel

Everything you need. Nothing you have to build.

Shuts down the exact key

Not your whole project, not all your keys. Just the one that crossed the limit. Everything else keeps running normally.

Works while you sleep

No Slack alert to miss. No console to log into. The key is shut down automatically within minutes of the threshold being crossed.

We never see your key values

We only work with key IDs and metadata. The actual key value is never exposed to us — that's a technical limitation of GCP, not just a policy we promise to follow.

PRICING

Simple pricing. Cheaper than one bad incident.

Early access members get 50% off their first 3 months. No credit card until we reach out personally.

🎉 Early Access — 50% off first 3 months. Limited to first 100 teams.

Starter

$9/mo$19/mo
3 GCP projects
10 API keys monitored
Request volume kill switch
Request-based threshold per key
Email alerts
Request Early Access
Most Popular

Pro

$24/mo$49/mo
10 GCP projects
Unlimited API keys
Request + alert kill switches
Webhook event logs
Priority email support
Request Early Access

Business

$49/mo$99/mo
Unlimited GCP projects
Unlimited API keys
Full webhook event history
Slack + PagerDuty alerts
Dedicated support
Request Early Access

FAQ

Common questions

We built CloudSentinel for developers who are skeptical by default. Good. Here are the hard questions answered.

Honestly, you should ask this. We request the minimum possible — read key metadata, create a monitoring rule, and delete one specific key when triggered. No log access, no data access, no ability to create keys ever. If granting us any setup access feels like too much, our Manual Setup option means you create the monitoring rules yourself and only give us permission to delete a specific key. That's it.
Use Manual Setup. You follow our step-by-step gcloud instructions, create the alerting policies yourself inside your own project, and grant CloudSentinel one permission only — delete a specific key when triggered. We never touch your project setup. Same protection, full control on your end.
No — and we built the architecture specifically to prevent this. We use GCP IAM Conditions to scope the delete permission to the exact key resource name. That means even if something went wrong on our end, the permission physically cannot touch any other key in your project.
Budget alerts email you — hours after the damage is done. They rely on billing data which GCP updates slowly, sometimes 4-12 hours behind. By the time the alert lands in your inbox, a leaked key could have already run up thousands. We monitor raw request count instead, which updates in near real-time. When your threshold is crossed, the key is already dead.
It works on any GCP API that uses API keys and shows up in Cloud Monitoring request count metrics — Gemini, Maps, Vision, and most other common ones. A heads up on BigQuery though: its pricing is complex and harder to catch purely through request count. For BigQuery we'd recommend using quota limits alongside CloudSentinel rather than relying on it alone.
You could — and if you want to, you should. This isn't magic. CloudSentinel is for the team that knows the risk is real but doesn't want to build, test, maintain, and debug this themselves. Same reason people use Stripe instead of building their own payments. The core mechanic isn't complex. The value is that it's already running so you don't have to think about it.
The announcement actually validates how real this problem has been. Worth noting though — Google's spending caps only cover the Gemini API. If you're using Maps, Vision, Firebase, Translate, or any other GCP API, there's still no native kill switch. CloudSentinel protects all GCP API keys, not just Gemini. And even for Gemini specifically, spending caps work at the billing level which still lags hours — we monitor raw request count in near real-time and revoke the exact key rather than stopping all your usage.

EARLY ACCESS

Reserve your spot before we launch.

Early access members get 50% off their first 3 months. We'll reach out personally — no spam, no auto-charge.

① You submit② We email you personally within 24 hours③ You get access before public launch

No credit card. No commitment. Just a conversation.