GCP doesn't offer a native hard spending cap — budget alerts notify but don't act. This guide walks through building an automated billing kill switch using Terraform, Cloud Functions (Gen 2), Pub/Sub, and Eventarc. When spend crosses a configurable threshold, a Python Cloud Function calls the Cloud Billing API to detach the billing account, stopping all paid services cold. The full stack is ~200 lines of Terraform and ~50 lines of Python, deployable across multiple dev/sandbox projects via tfvars. Key implementation details include IAM setup for billing-account-level permissions, a dry-run mode for safe testing, deduplication of budget threshold rules, and a deliberate no-retry policy. The approach is explicitly recommended only for dev, sandbox, and PoC environments — not production.
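The decision logic such a function needs, as an added example that is not the guide's own code: it decodes the Pub/Sub budget notification, compares spend to the threshold, and honours dry-run mode. The names `handle_budget_alert`, `detach_billing`, `threshold` and the sample project ID are assumptions; in a deployed function `detach_billing` would wrap the Cloud Billing API call `projects.updateBillingInfo` with an empty `billingAccountName`.

```python
import base64
import json


def decode_budget_notification(event_data):
    """Decode the base64 JSON budget notification inside the Pub/Sub envelope."""
    raw = base64.b64decode(event_data["message"]["data"])
    return json.loads(raw)


def handle_budget_alert(event_data, project_id, detach_billing,
                        threshold=1.0, dry_run=True):
    """Return the action taken: 'ignored', 'dry-run' or 'detached'."""
    note = decode_budget_notification(event_data)
    cost = float(note["costAmount"])
    budget = float(note["budgetAmount"])
    # Budget notifications are published repeatedly, also while spend is
    # below budget, so decide on the spend ratio and not on message arrival.
    if budget <= 0 or cost / budget < threshold:
        return "ignored"
    if dry_run:
        # Safe default: log what would happen, leave billing attached.
        print(f"[dry-run] would detach billing from {project_id}: "
              f"{cost} of {budget} {note.get('currencyCode', '')}")
        return "dry-run"
    # No retry wrapper here (assumption matching the no-retry policy):
    # an exception from the API call propagates and is not re-attempted.
    detach_billing(project_id)
    return "detached"


def sample_event(cost, budget):
    """Constructed sample notification in the Pub/Sub message envelope."""
    payload = {"budgetDisplayName": "sandbox-budget", "costAmount": cost,
               "budgetAmount": budget, "currencyCode": "USD"}
    data = base64.b64encode(json.dumps(payload).encode()).decode()
    return {"message": {"data": data}}


if __name__ == "__main__":
    detached = []  # stand-in for the real billing API call
    for cost in (40.0, 120.0):
        print(cost, handle_budget_alert(sample_event(cost, 100.0),
                                        "sandbox-proj", detached.append))
    print(handle_budget_alert(sample_event(120.0, 100.0), "sandbox-proj",
                              detached.append, dry_run=False), detached)
```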