Disabling publicly exposed Service Account keys while maintaining future flexibility

:wave: Hi everyone!
I got this mail Automatically disable publicly exposed Service Account keys If I choose DISABLE_KEY to enable the protection right now, can we disable the protection in the future if required

it’s an organization constraint, you can enable/disable or even set specific value for different folder/project at any time

It’s probably not retroactive, and in worst case there is probably few minutes/hours before changes are effective

Thanks a lot for the quick response and info