Deny access to GCP for Cloud Identity super admin

Is there a way to deny a Cloud Identity super admin access to console.cloud.google.com?

Alternatively, is there a way to set an alert when they log in to the console?

 

Thx

2 REPLIES

Hi @antfrasparkle 

Welcome to Google Cloud Community!

If I understand your question correctly, you're asking if there is a way to deny access to a Cloud Identity super admin from Google Cloud Console.

Unfortunately there is no way to deny access to a Cloud Identity super admin because by design a super admin account has the highest level of permission.

But there are ways to minimize the risks associated with a super admin account having full access:

  • Least Privilege: Assign limited permissions for everyday tasks. Regular admin accounts should only have the access they need to do their jobs. Reserve the most powerful super admin account for critical situations.
  • Multi-Factor Authentication (MFA): Enforce strong Multi-Factor Authentication (MFA) on the super admin account. This adds an extra layer of security by requiring a secondary verification code in addition to the password during login.
  • Alerting: Consider setting up monitoring tools to send alerts whenever the super admin account logs in. This allows you to be aware of any suspicious activity.
  • Separate Super Admin Account: Create a dedicated super admin account with a strong password and MFA specifically for managing Cloud Identity. Avoid using this account for other purposes like email or personal use.

For more information on best practices for Cloud Identity super admin accounts, you can refer to this Google Cloud documentation.

I hope this information is helpful.

If you need further assistance, you can always file a case with our support team.

 

Thx a lot LeAnt

For our sec department it would be OK even to send an alert from Logs Explorer when the super admin logs into Cloud Console. But when I see the entry in the audit log, does it refer to Cloud Console only, or does it refer to logins to the Admin console also?
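The alerting suggestion discussed in this thread, as an added example that is not part of any post: a Python sketch that builds a Logs Explorer filter for successful super admin sign-ins and applies the same match to exported log lines. It assumes Cloud Identity login audit logs are shared with Google Cloud and arrive under service name `login.googleapis.com`; the watchlist address, the `SAMPLE_LOG` entries and the helper names are constructed for illustration.

```python
import json

# Assumed log shape: Cloud Identity login audit entries shared with Google Cloud
# and exported from Cloud Logging as one JSON LogEntry per line.
LOGIN_SERVICE = "login.googleapis.com"
LOGIN_SUCCESS = "google.login.LoginService.loginSuccess"
SUPER_ADMINS = {"superadmin@example.com"}  # hypothetical watchlist (placeholder)

def logging_filter(admins=SUPER_ADMINS):
    """Build the equivalent Logs Explorer filter for a log-based alert."""
    emails = " OR ".join(f'"{e}"' for e in sorted(admins))
    return (f'protoPayload.serviceName="{LOGIN_SERVICE}" AND '
            f'protoPayload.methodName="{LOGIN_SUCCESS}" AND '
            f'protoPayload.authenticationInfo.principalEmail=({emails})')

def super_admin_logins(lines, admins=SUPER_ADMINS):
    """Return (timestamp, email, caller_ip) for each successful watched sign-in."""
    watch = {a.lower() for a in admins}
    hits = []
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or malformed export lines
        payload = entry.get("protoPayload") if isinstance(entry, dict) else None
        if not isinstance(payload, dict):
            continue
        if (payload.get("serviceName"), payload.get("methodName")) != (LOGIN_SERVICE, LOGIN_SUCCESS):
            continue  # other services, failed logins, logouts
        auth = payload.get("authenticationInfo") or {}
        email = str(auth.get("principalEmail", "")).lower()
        if email in watch:
            ip = (payload.get("requestMetadata") or {}).get("callerIp", "unknown")
            hits.append((entry.get("timestamp"), email, ip))
    return hits

def _entry(ts, service, method, email, ip):
    """Build one constructed sample LogEntry line."""
    return json.dumps({"timestamp": ts, "protoPayload": {
        "serviceName": service, "methodName": method,
        "authenticationInfo": {"principalEmail": email},
        "requestMetadata": {"callerIp": ip}}})

SAMPLE_LOG = [  # constructed sample data, not real log output
    _entry("2024-05-01T08:15:00Z", LOGIN_SERVICE, LOGIN_SUCCESS, "SuperAdmin@example.com", "203.0.113.7"),
    _entry("2024-05-01T08:16:00Z", LOGIN_SERVICE, LOGIN_SUCCESS, "alice@example.com", "198.51.100.4"),
    _entry("2024-05-01T08:17:00Z", LOGIN_SERVICE, "google.login.LoginService.loginFailure", "superadmin@example.com", "192.0.2.9"),
    _entry("2024-05-01T08:18:00Z", "compute.googleapis.com", "v1.compute.instances.list", "superadmin@example.com", "203.0.113.7"),
    '{"timestamp": "2024-05-01T08:19:00Z", "protoPay',  # truncated line
]
```

The string returned by `logging_filter()` can be pasted into Logs Explorer and used as the condition of a log-based alert, with the real super admin addresses in place of the placeholder.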