Back to All Scenarios
PASSEDcloud / gcp_iam
GCP: GCP Service Account Key Expired
A GCP service account key used by the application expired. All GCP API calls from the application failing with authentication errors.
Pattern
CLIENT_ERROR
Expected: GCP_AUTH_FAILURE
Severity
MEDIUM
Confidence
68%
Remediation
Auto-Heal
Test Results
| Metric | Expected | Actual | Result |
|---|---|---|---|
| Pattern Recognition | GCP_AUTH_FAILURE | CLIENT_ERROR | |
| Severity Assessment | CRITICAL | MEDIUM | |
| Incident Correlation | N/A | None | |
| Cascade Escalation | N/A | No | |
| Remediation | — | Auto-Heal — Corax resolves autonomously |
Scenario Conditions
GCP service account 'app-sa@project.iam.gserviceaccount.com'. Key file created 12 months ago. Key auto-expired per org policy. New key not generated.
Injected Error Messages (1)
GCP service account auth failure — key for 'app-sa@project.iam' expired per org policy (12-month max lifetime), all GCP API calls returning 401 Unauthorized, Cloud Storage/Pub\/Sub/BigQuery operations failing
Neural Engine Root Cause Analysis
Client error detected — the server is returning 4xx errors, which may indicate misconfigured authentication, missing routes, or access control issues.
Remediation Plan
Check if authentication credentials or tokens have expired. Verify endpoint configuration and access permissions.
Improvements Applied
- Pattern classified as CLIENT_ERROR (expected GCP_AUTH_FAILURE)
- Severity: MEDIUM (expected CRITICAL)
Tested: 2026-04-02Monitors: 1 | Incidents: 1Test ID: cmnhnr8vc09btlig71diuitj5