Answer-first summary for fast verification
Answer: Create the secret with a user-managed replication policy.
The error message indicates that there is an organization policy in place that restricts the creation of resources to specific locations, and the attempt to create a secret in the 'global' region violates this policy. Since regulations require all resources to be created in a United States-based region, the correct approach is to ensure the secret is created in a compliant region without modifying the organization policy to allow the 'global' region, as this would violate the regulatory requirements. Option C, creating the secret with a user-managed replication policy, allows you to specify a compliant region (e.g., a U.S. region) for the secret, thus resolving the error while remaining compliant. Options A and D would either remove necessary restrictions or violate regulations by allowing the 'global' region. Option B does not guarantee compliance as automatic replication might not adhere to the required U.S.-based region constraint.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You work for a healthcare company and regulations require all resources to be created in a United States-based region. You tried to create a secret in Secret Manager but encountered the error:
Constraint constraints/gcp.resourceLocations violated for [orgpolicy:projects/000000] attempting to create a secret in [global]
How can you resolve this error while maintaining compliance with the regulations?
A
Remove the organization policy referenced in the error message.
B
Create the secret with an automatic replication policy.
C
Create the secret with a user-managed replication policy.
D
Add the global region to the organization policy referenced in the error message.
No comments yet.