GCP Resource Hiearchy

Question 1

Resource hierarchy levels define what?

Answer 1

Trust boundaries and resource isolation

Question 2

How should resources be grouped?

Answer 2

According to organization structure

Question 3

How (what direction) are policies inherited?

Answer 3

Downwards in the hierarchy

Question 4

ALL GCP services are associated with____?

Answer 4

A Project

Question 5

What does a GCP project allow (list 4 things)

Answer 5

Track resource and quota usage
Enable billing
Manage permissions and credentials
Enable services and APIs

Question 6

What are the 3 identifying attributes of a GCP Project?

Answer 6

Project ID - Globally unique, Chosen by you, Immutable

Project name - Need not be unique, Chosen by you, Mutable

Project number - Globally unique, Assigned by GCP, Immutable

Question 7

What are GCP Project Folders used for?

Answer 7

● Folders group projects under an
organization.
● Folders can contain projects, other
folders, or both.
● Use folders to assign policies.

Question 8

Consider an example IAM resource hierarchy

Answer 8

● A policy is set on a
resource.
○ Each policy contains
a set of roles and
role members.
● Resources inherit
policies from parent.
○ Resource policies are
a union of parent and
resource.
● A less restrictive parent
policy overrides a more
restrictive resource
policy.