We are a Google Workspace/Cloud customer using Google AI Studio through our corporate project. I has identified a gap in administrative controls around the “Share your app” feature.
Problem:
Any user with access to AI Studio Build can toggle “General access” to “Public: Anyone with the link can view” without any deployment step (no Cloud Run involved). This exposes the app’s source code, system instructions, prompts, and any embedded logic to anyone with the link. We recently had an incident where proprietary code was inadvertently exposed this way.
Current workarounds are insufficient:
Organization Policies (Domain Restricted Sharing, Cloud Run constraints) don’t apply — the sharing happens entirely inside AI Studio, not via Google Cloud resources.
Disabling AI Studio entirely via Admin Console removes a valuable tool for all users.
No IAM role granularly controls this toggle.
Request:
Please add an admin-level control (Admin Console setting or Organization Policy constraint) that allows organizations to disable the “Public” sharing option for specific projects, organizational units, or groups, while keeping “Restricted” sharing available. Ideally also audit logs for sharing state changes.
Impact:
Without this control, enterprise customers cannot safely enable AI Studio for teams working with sensitive code, prompts, or business logic.