Google-drive – Does Google Drive ‘Contributor’ Permission allow malicious users to permanently delete file contents

automation, g-suite-administrator, google-drive, google-shared-drive, google-workspace

In my attempts to use Google Drive for some automated important data backups, I'm making use of the API and a Service Account to upload data to a Team Drive. The account only has 'Contributor' access to this drive, and thus can only 'Add' or 'Edit' files.

However, Google states it may delete historical revisions after 100 revisions, leading me to think some malicious agent could simply edit the file 100 times to effectively 'delete' the contents practically instantly.

Is this the case? If so, would I be able to restore the deleted revisions through the Google Admin panel like normally permanently deleted items? Can Google Vault save me from this? Is there another way around this?

Best Answer

After having talked to Google support and run my own tests: yes, anybody can permanently and unrecoverably delete any and all information they have write access to in Google Drive in a matter of seconds (obviously, save for any other backups you have manually set up).

Seems like a massive security failure to me, but oh well. We have resolved to automatically back up our important data drives to new team drives with rclone on a daily basis to insure against this kind of attack.
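
One way to detect the rapid-overwrite pattern described in the question, added here as an example and not part of the original question or answer. It assumes revision metadata shaped like Drive API v3 `revisions.list` items (`modifiedTime`, `lastModifyingUser.emailAddress`); the 100-revision figure is the one quoted in the question, and the time window, alert threshold and sample data are constructed assumptions.

```python
from datetime import datetime, timedelta

REVISION_CAP = 100  # figure quoted in the question; treated here as an assumption


def parse_ts(ts):
    """Parse an RFC 3339 timestamp such as 2024-05-01T09:00:00.000Z."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def max_burst(times, window):
    """Largest number of timestamps that fall inside any span of length `window`."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def audit_file(revisions, window=timedelta(minutes=10), alert_at=20):
    """Flag accounts that wrote many revisions of one file in a short window."""
    by_user = {}
    for rev in revisions:
        user = rev.get("lastModifyingUser", {}).get("emailAddress", "unknown")
        by_user.setdefault(user, []).append(parse_ts(rev["modifiedTime"]))
    findings = []
    for user, times in by_user.items():
        burst = max_burst(times, window)
        if burst >= alert_at:
            # A burst as large as the cap means no pre-burst revision may remain.
            findings.append({"user": user, "burst": burst,
                             "history_at_risk": burst >= REVISION_CAP})
    return findings


def sample_revisions():
    """Constructed data: three daily edits, then 100 edits one second apart."""
    base, fmt = datetime(2024, 5, 1, 9, 0, 0), "%Y-%m-%dT%H:%M:%S.000Z"
    revs = [{"id": f"d{i}", "modifiedTime": (base + timedelta(days=i)).strftime(fmt),
             "lastModifyingUser": {"emailAddress": "editor@example.com"}}
            for i in range(3)]
    revs += [{"id": f"b{i}",
              "modifiedTime": (base + timedelta(days=3, seconds=i)).strftime(fmt),
              "lastModifyingUser": {"emailAddress": "backup-sa@example.com"}}
             for i in range(100)]
    return revs


if __name__ == "__main__":
    for finding in audit_file(sample_revisions()):
        print(finding)
```

An alert like this only shortens the time to notice; recovery still depends on an independent copy such as the daily rclone backup described in the answer.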