Hi, Google raised a security issue with us regarding a GCP service account which had been compromised and the key had been found here:
https://www.bountysource.com/teams/pulumi/issues. The issue no longer exists so I need some assistance understanding what the issue was. This service account is encrypted in my Pulumi scripts but I use GCP storage for backend.