Google Cloud Support here. If you create Cloud project with a single owner (email), and that sole owner's account is deleted, the project is considered orphaned and will first be suspended, giving you some time to get touch with us if this was not intended, and then deleted after around 6 weeks. (Most running resources are stopped at suspension, but account data hangs around until deletion.)
I know this seems harsh, but there's really not a whole lot of other sensible options. The former owner can't be contacted, since the only email we have for them no longer works, and the project is literally unmaintainable, since nobody has admin rights to it anymore.
So TL;DR, for anything remotely important, please assign multiple owners and use role accounts (admin@corp) instead of users (bob@corp).
That is good to know, however my first reaction when reading this is we shouldn't be using G Suite for admin@corp or bob@corp, but rather if I am going to be seriously dependent on Google Cloud I should perhaps move e-mail for said @corp to Office365 (or whomever else actually does e-mail these days). I don't know what the solution/answer is here, but it worries me that actions (yes even bad spam-y TOS violating actions) that someone takes using our company's google accounts can ripple across the Google ecosystem and screw important parts of our company's infrastructure.
YMMV (and this is my personal view, not necessarily Google's), but in general you want to have resources associated with active owners. Otherwise when Bob leaves, and his zombie solo project which you no longer have any control over gets pwned, you're going to have an even bigger problem.
No one's denying that orphaned projects are a problem, but if deactivating an e-mail has downstream effects like this, you'd expect a warning or something before permitting account deactivation.
In my case, where the email was hosted in Google apps, it would have been helpful if Google apps had checked with GCE before allowing email deletion. After all, this is one of the situations where being within Google Eco-system should have been a good thing.
Agreed. Or force the user to have two registered e-mails in a GCE account at all times, unless they're explicitly deleting it. Doing things implicitly with no warning is simply terrible UX.
Why does Google not say "deleting this email will destroy these accounts attached to it"? Surely it can't be too hard to find which accounts an email is attached to, then check those accounts for other owners?
Why doesn't GCP force you to do this if it's best practice for anything remotely important? Surely your target customer generally is doing things that are quite important for them.
An email account could have ben recovered. Or you could have established identity of the user some other way, e.g. the credit card or the billing address.
This is triggered when the user account is deleted, not if they can't login/are suspended, for which the usual account recovery mechanisms apply.
By far the most common scenario for this to happen is that Bob leaves Corp, and Corp intentionally deletes his account. If Corp has set up billing sensibly, the project will have a central billing account whose admin will be notified, but if Bob signed up on his personal credit card, there is nobody to contact here either.
Look, if I a company owns BAR.COM and they delete FOO@BAR.COM they could recreate that account. Any other service in the world tied to that address will be recovered, except Google's own service.
You have knowledge the account belongs to BAR.COM company, why not contact them? How about a warning to the person deleting the account, telling them that a particular GC service is dependent on it? You know exactly what you plan to delete, after all. How about requiring at least two emails on the GC account so that there is an escape hatch? Can you think of any other ways of preventing this disaster?
Yeah, I get it, the user should have avoided that mistake. People make mistakes, it's the fact of life. You have built a minefield for your customers and left them to sort through the carnage of the explosion.
I know this seems harsh, but there's really not a whole lot of other sensible options. The former owner can't be contacted, since the only email we have for them no longer works, and the project is literally unmaintainable, since nobody has admin rights to it anymore.
So TL;DR, for anything remotely important, please assign multiple owners and use role accounts (admin@corp) instead of users (bob@corp).