Skip to content

Projects

Projects Attributes

ID Uniqueness Chosen By Mutability
Project ID Globally unique You Immutable
Project name Need not be unique You Mutable
Project number Globally unique GCP Immutable

Hierarchy

Resource Manager

Resource Manager allows to programmatically manage Organizations, Folders, and Projects
Organization
  • If you have a GSuite domain, GCP projects will automatically belong to your organization node
  • Otherwise, you can use Google Cloud Identity to create one
Resource hierarchy levels
  • Define trust boundaries
Folders

Organization Policy Service

  • Allows to set constraints that apply to all resources in the hierarchy
  • All descendants inherit the policy constraints
  • 2 main constraint types:
    • List: allows or disallows values within a list
      • Example: compute.vmExternalIpAccess
      • This list constraint defines the set of Compute Engine VM instances that are allowed to use external IP addresses
    • Boolean: turn policies on or off