Answer-first summary for fast verification
Answer: Project
The question emphasizes the need for 'very granular control' over data residency. In Google Cloud's resource hierarchy, organization policies can be applied at the Organization, Folder, or Project levels, but not directly at the Resource level. While Organization and Folder levels provide broader coverage through inheritance, they lack the granularity required when projects are specifically aligned to different locations, as stated in the scenario. The Project level allows precise control per project, ensuring each project's data residency matches its designated location without affecting others. Community discussion strongly supports C (84% consensus), with key points highlighting that Project is the most granular option and that Organization/Folder levels are less suitable due to their inherited, broader scope, which contradicts the granular requirement. Option B (Resource) is invalid as organization policies cannot be applied directly to individual resources.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your CISO requires business data to be stored in specific geographic locations for regulatory compliance. You have determined that the in-scope services are covered by Google Cloud's data residency capabilities, the data will remain in specified locations within the same organization, the folder structure can span multiple data residency locations, and projects are aligned to specific locations. You plan to use the Resource Location Restriction organization policy for granular control. At which level in the resource hierarchy should you set this constraint?
A
Organization
B
Resource
C
Project
D
Folder
No comments yet.