GCPcloud~30 mins

Organization policies in GCP - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Setting Up and Applying Organization Policies in GCP

📖 Scenario: You are a cloud administrator for a company using Google Cloud Platform (GCP). Your company wants to enforce rules across all projects to improve security and compliance. You will create and apply organization policies to control resource behavior.

🎯 Goal: Build a simple GCP organization policy setup that restricts VM instance creation to specific machine types and enforces a policy to disable external IP addresses on VM instances.

📋 What You'll Learn

Create a dictionary called org_policy_constraints with two constraints and their allowed values

Create a variable called target_resource with the exact resource path string

Write a function called apply_policy that takes resource and policy and returns a dictionary representing the applied policy

Create a final dictionary called applied_policy by calling apply_policy with target_resource and org_policy_constraints

💡 Why This Matters

🌍 Real World

Organizations use policies to enforce rules across all cloud projects to maintain security and compliance.

💼 Career

Cloud administrators and engineers must understand how to create and apply organization policies to manage resources effectively.

Progress0 / 4 steps

Create the organization policy constraints dictionary

Create a dictionary called org_policy_constraints with these exact entries: "compute.vmAllowedMachineTypes" set to a list containing "n1-standard-1" and "n1-standard-2", and "compute.disableExternalIp" set to true.

GCP

# Create the org_policy_constraints dictionary with the specified constraints
# Your code here

Need a hint?

Use a dictionary with keys as constraint names and values as the allowed settings.

Define the target resource string

Create a variable called target_resource and set it to the string "organizations/123456789" representing the organization resource path.

GCP

org_policy_constraints = {
    "compute.vmAllowedMachineTypes": ["n1-standard-1", "n1-standard-2"],
    "compute.disableExternalIp": True
}

# Create the target_resource string with the exact value
# Your code here

Need a hint?

Assign the exact string to the variable target_resource.

Write a function to apply the policy

Write a function called apply_policy that takes two parameters: resource and policy. The function should return a dictionary with keys "resource" set to resource and "policy" set to policy.

GCP

org_policy_constraints = {
    "compute.vmAllowedMachineTypes": ["n1-standard-1", "n1-standard-2"],
    "compute.disableExternalIp": True
}

target_resource = "organizations/123456789"

# Define the apply_policy function below
# Your code here

Need a hint?

Define a function that returns a dictionary with the given parameters as values.

Create the final applied policy dictionary

Create a variable called applied_policy by calling the function apply_policy with target_resource and org_policy_constraints as arguments.

GCP

org_policy_constraints = {
    "compute.vmAllowedMachineTypes": ["n1-standard-1", "n1-standard-2"],
    "compute.disableExternalIp": True
}

target_resource = "organizations/123456789"

def apply_policy(resource, policy):
    return {
        "resource": resource,
        "policy": policy
    }

# Call apply_policy with target_resource and org_policy_constraints
# Your code here

Need a hint?

Call the function with the exact variable names and assign the result.