Google Associate Cloud Engineer
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
At a financial services company operating in the United States, data security policies prohibit storing or processing any data outside the US region. Several development teams use Google Cloud to work with the data. How can you ensure these teams do not create Google Cloud resources outside the US region?
Explanation:
Option A is correct because organizing all development projects within a folder allows for effective management. Applying an Organization policy can enforce restrictions on resource creation to specific locations, in this case, the United States, ensuring teams only create resources within the US. Option B is incorrect as creating an organization does not offer the necessary granularity for location restrictions, and IAM policies manage access, not locations. Option C is incorrect because applying an IAM policy to each project individually lacks centralized control and is inefficient. Option D is incorrect for similar reasons, as it requires applying policies to each role in every project, which is not centralized.