Answer-first summary for fast verification
Answer: Create an organization node, and assign folders for each business unit.
Option A is the correct answer because it leverages Google Cloud's resource hierarchy with an organization node and folders, which provides centralized visibility across all projects while allowing logical grouping by business unit. This structure enables inheritance of IAM policies at the folder level, ensuring separate permission sets for each business unit. Option B is unsuitable as standalone projects with gmail.com accounts lack centralized visibility and violate organizational control best practices. Option C (labels) is insufficient for IAM separation and doesn't provide hierarchical organization. Option D (VPC separation) addresses network isolation but doesn't meet the project organization and IAM requirements. The community discussion strongly supports A with 100% consensus and high upvotes, citing Google's resource manager documentation as authoritative guidance.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company has multiple independent business units, each with its own engineering team. You need to achieve visibility into all Google Cloud projects across the company and organize these projects according to the business units. Additionally, each business unit requires distinct IAM permissions.
What is the recommended strategy to meet these requirements?
A
Create an organization node, and assign folders for each business unit.
B
Establish standalone projects for each business unit, using gmail.com accounts.
C
Assign GCP resources in a project, with a label identifying which business unit owns the resource.
D
Assign GCP resources in a VPC for each business unit to separate network access.
No comments yet.