Your organization is pursuing GDPR compliance and needs to ensure DevOps teams can only provision Google Cloud resources within Europe regions. What should you do?

Exam-Like

Use Identity-Aware Proxy (IAP) with Access Context Manager to restrict the location of Google Cloud resources.

Use the org policy constraint 'Google Cloud Platform – Resource Location Restriction' on your Google Cloud organization node.

Use the org policy constraint 'Restrict Resource Service Usage' on your Google Cloud organization node.

Use Identity and Access Management (IAM) custom roles to ensure that your DevOps team can only create resources in the Europe regions.

Google Professional Cloud Security Engineer