Don't let a leaked API key
destroy your month.

CloudSentinel watches your Google Cloud API keys and shuts them down automatically if something looks wrong. Set a limit, we handle the rest.

Get Started FreeSign in

No credit card. No commitment. Just a conversation.

Takes 1 minute to set up
No credit card required
Built for small teams
Request-based. Not billing-based.

The Problem

Google Cloud doesn't automatically shut down a leaked key. You have to catch it yourself.

By the time you notice, the damage is already done.

Budget alerts don't stop anything

They send you an email. Hours after the damage is done. There's no built-in way to automatically stop a key that's being abused.

Billing data arrives too late

Google's billing data can lag 4-12 hours. A leaked key can rack up thousands before a single alert fires.

You can't watch your keys 24/7

Attacks happen at night, on weekends, during holidays. Nobody is sitting at a dashboard waiting to manually revoke a key.

gcp-billing-monitor — live
[02:14:33] api_key: AIzaSy•••••••••
[02:14:33] requests_today: 1,240
[02:14:34] requests_today: 4,892
[02:14:35] requests_today: 19,442 ⚠ anomaly detected
[02:14:35] estimated_bill: $847.00
[02:14:36] estimated_bill: $3,291.00
[02:14:36] estimated_bill: $9,104.00
[02:14:37] STATUS: NO AUTOMATED RESPONSE
[02:14:37] STATUS: MANUAL INTERVENTION REQUIRED

Real Incidents

This has happened to real people.

These are real posts from real developers. One leaked key. No automatic kill switch.

$128,000
overnight

A small company in Japan caught a compromised key at $44K and shut everything down. The charges didn't stop. By morning, $128,000 had accumulated. Google denied the adjustment request.

Read the full story →
$82,314
in 48 hours

A 3-person startup's Gemini API key was silently reauthorized. Normal monthly spend was $180.

Read the full story →
$55,444
over 3 months undetected

A student pushed their API key to a private GitHub repo that was accidentally public. They were on summer break and never saw the alerts.

Read the full story →
$60,000
unexpected charge

A developer got hit with a $60K unexpected cloud bill with no warning. No automatic protection existed to stop it.

Read the full story →
₹14,000
after free trial credits ran out

A first-time GCP user lost their entire $300 free trial credits to an accidentally left-running instance with no notification.

Read the full story →
These are publicly shared stories. Links go directly to the original Reddit posts.

How It Works

Set a limit. We watch it. Key gets shut down automatically.

Three steps. Takes about 5 minutes.

01

Connect your GCP project

Grant CloudSentinel a minimal role inside your project. It can read key info and shut down a specific key — nothing else.

02

Set a request limit per key

CloudSentinel polls your API usage every minute via GCP Cloud Monitoring. When a key crosses your threshold, revocation is triggered automatically.

03

Sleep without worrying

The moment a key crosses your limit, we shut it down automatically. You get an email. Your key is already dead. No console login, no manual action, no 3am panic.

How much control do you want?

Recommended

Automatic Import

Grant minimal read access to automatically import your API keys and fetch usage metrics. One command, zero manual data entry, and you're protected in seconds.

Best for: teams who want the fastest setup

Custom Permissions

Choose exactly which permissions to grant. You can skip read access entirely, enter your key IDs manually, and grant only the permission to revoke keys when triggered.

Best for: security-first teams with strict IAM policies

We can't create keys. Ever.

Our access is intentionally limited to shutting keys down — not creating them. Even if CloudSentinel itself were compromised, an attacker could only remove access, never create new infrastructure in your project. CloudSentinel uses a custom IAM role created exclusively for this purpose — with only apikeys.keys.delete permission. No read access. No create access. The minimum viable permission to do one job: kill a compromised key before the bill arrives.

Why CloudSentinel

Everything you need. Nothing you have to build.

Shuts down the exact key

Not your whole project, not all your keys. Just the one that crossed the limit. Everything else keeps running normally.

Real-time usage monitoring

CloudSentinel polls your API usage metrics directly via GCP Cloud Monitoring — detecting threshold breaches within 1 minute.

We never see your key values

We only work with key IDs and metadata. The actual key value is never exposed to us — that's a technical limitation of GCP, not just a policy we promise to follow.

PRICING

Simple pricing. Cheaper than one bad incident.

Early access members get 50% off their first 3 months. No credit card until we reach out personally.

🎉 Early Access — 50% off first 3 months. Limited to first 100 teams.

Starter

$9/mo$19/mo
  • 3 GCP projects
  • 10 API keys monitored
  • Automatic revocation
  • Email alert on revocation
  • Request-based threshold per key
  • Revocation history logs
  • Priority email support
  • Slack + PagerDuty alerts
  • Dedicated support
Get Started
Most Popular

Pro

$24/mo$49/mo
  • 10 GCP projects
  • Unlimited API keys
  • Automatic revocation
  • Email alert on revocation
  • Request-based threshold per key
  • Revocation history logs
  • Priority email support
  • Slack + PagerDuty alerts
  • Dedicated support
Get Started

Business

$49/mo$99/mo
  • Unlimited GCP projects
  • Unlimited API keys
  • Automatic revocation
  • Email alert on revocation
  • Request-based threshold per key
  • Revocation history logs
  • Priority email support
  • Slack + PagerDuty alerts
  • Dedicated support
Get Started

FAQ

Common questions

We built CloudSentinel for developers who are skeptical by default. Good. Here are the hard questions answered.

Honestly, you should ask this. We request the minimum possible — read your API key metadata, read your usage metrics, and delete one specific key when triggered. No log access, no data access, no ability to create keys ever. If granting us any setup access feels like too much, our Manual Setup option means you only give us permission to delete a specific key. That's it.
No. When a threshold is crossed, CloudSentinel looks up the exact key that triggered the breach by its credential ID and deletes only that key. Nothing else in your project is touched.
Budget alerts email you — hours after the damage is done. They rely on billing data which GCP updates slowly, sometimes 4-12 hours behind. By the time the alert lands in your inbox, a leaked key could have already run up thousands. We poll raw request count directly via Cloud Monitoring every minute. When your threshold is crossed, the key is already dead.
CloudSentinel polls your GCP project's API usage metrics every minute via Cloud Monitoring. When a key's request count exceeds your threshold, it is revoked automatically — no human intervention needed. Detection typically happens within 1-2 minutes of a breach.
It works on any GCP API that uses API keys and shows up in Cloud Monitoring request count metrics — Gemini, Maps, Vision, and most other common ones. A heads up on BigQuery though: its pricing is complex and harder to catch purely through request count. For BigQuery we'd recommend using quota limits alongside CloudSentinel rather than relying on it alone.
Use Manual Setup. You follow our step-by-step gcloud instructions and grant CloudSentinel one permission only — delete a specific key when triggered. We never touch your project setup. Same protection, full control on your end.
You could — and if you want to, you should. This isn't magic. CloudSentinel is for the team that knows the risk is real but doesn't want to build, test, maintain, and debug this themselves. Same reason people use Stripe instead of building their own payments. The core mechanic isn't complex. The value is that it's already running so you don't have to think about it.
The announcement actually validates how real this problem has been. Worth noting though — Google's spending caps only cover the Gemini API. If you're using Maps, Vision, Firebase, Translate, or any other GCP API, there's still no native kill switch. CloudSentinel protects all GCP API keys, not just Gemini. And even for Gemini specifically, spending caps work at the billing level which still lags hours — we monitor raw request count in near real-time and revoke the exact key rather than stopping all your usage.

Ready to protect your GCP API keys?

Set up in 5 minutes. 14-day free trial. No credit card required.

Create Your Free AccountAlready have an account? Sign in →