Fundamentals - Getting Started Infrastructure Flashcards
What is the main way you organise resources in GCP?
Projects
Describe the GCP hierarchy from the bottom up
Resources -> Projects -> Folders -> Organisation node
Do projects have to be organised into folders?
No - “Optionally, projects may be organized into folders”
Why would you usually group resources under a given project?
The resources are related, usually because they have a common business objective.
Can you define policies on all individual GCP resources?
No - Projects, folders, and organization nodes are all places where the policies can be defined.
Some GCP resources let you put policies on individual resources too, like those cloud storage buckets I mentioned.
Give an example of GCP resource where you can define policies directly at the resource level?
Cloud Storage Bucket
Which levels are policies normally defined?
Org Node
Folders
Project
Does GCP allow you to create a folder within a folder?
Yes - “projects may be organized into folders. Folders can contain other folders.”
Does a folder inherit policies from the project?
No - policies are inherited downwards in the hierarchy where “Org Node” is the top of the hierarchy, followed by Folders, Projects and at the bottom - resources.
Can a GCP resource be attached to a folder?
No - “All Google Cloud Platform resources belong to a project”
Can a resource be assigned to more than one project?
No - “Each project is a separate compartment, and each resource belongs to exactly one.”
What are the three identifying attributes of a project?
Project ID
Project Name
Project Number
Which of the following is assigned by GCP rather than by you: the project id or the project number?
Project Number
Can you re-use the same project id under a different organisation?
No - it has to be globally unique
Is the project name globally unique?
No - it need not be unique.
Can you change the project number after creating it?
No - it is immutable?
Can you change the project id after creating it?
No - it is immutable
Can you change the project name after creating it?
Yes - it is mutable.
Why would you generally refer to the project id rather than the project number?
The project id is usually defined as a human readable string which is much easier to refer to.
You don’t have to assign resources to a folder but what benefit does it present from a policies perspective?
Resources inherit policies from the folder they are under.
Without it, you’d have to duplicate the policies on earch resource.
Give examples of what you might define your folders as?
You can use folders to represent different:
- departments,
- teams,
- applications,
- or environments in your organization.