Your company must comply with industry-specific regulations, requiring you to enforce customer-managed encryption keys (CMEK) for all new Cloud Storage buckets in the organization named 'org1'.

What command should you run?

Exam-Like

• organization poli-cy:constraints/gcp.restrictStorageNonCmekServices • binding at: org1 • policy type: allow • policy value: all supported services

• organization policy: con-straints/gcp.restrictNonCmekServices • binding at: org1 • policy type: deny • policy value: storage.googleapis.com

• organization policy: con-straints/gcp.restrictStorageNonCmekServices • binding at: org1 • policy type: deny • policy value: storage.googleapis.com

• organization policy: con-straints/gcp.restrictNonCmekServices • binding at: org1 • policy type: allow • policy value: storage.googleapis.com

Google Professional Cloud Security Engineer