Upon blocking a request, GCP Org policy constraints were logging the deny
logs in Principal''s project and the blocking project. An attacker could use those
logs to exfiltrate any data, by making request from a Principal they own from
a defender project.
Review denied logs in the defender project, because it was also logged there.