Create new Project
To create a Project resource, follow the steps below:
To create a new project, do the following:
-
Go to the
Manage resources
page in the Google Cloud console.
Go to Manage Resources
school
The remaining steps will appear
automatically in the Google Cloud console.
-
On the
Select organization
drop-down list at the top of the page, select the
organization resource in which you want to create a project. If you are a free trial user, skip this
step, as this list does not appear.
- Click
Create Project
.
-
In the
New Project
window that appears, enter a project name and select a
billing account as applicable. A project name can contain only letters, numbers, single
quotes, hyphens, spaces, or exclamation points, and must be between 4 and 30 characters.
-
Enter the parent organization or folder resource in the
Location
box. That resource
will be the hierarchical parent of the new project. If
No organization
is an option,
you can select it to create your new project as the top level of its own resource hierarchy.
- When you're finished entering new project details, click
Create
.
After you create the Project, the
Owner
role is assigned to you.
This role includes all of the permissions you need for the following quickstart.
For more information about permissions, see
Granting, changing, and revoking access to resources
.
Create a Compute Engine disk
To test the functionality of the resource locations constraint, set up
Compute Engine regional persistent disks. When you create a regional
persistent disk, you must specify the location where it will reside. For more
information about creating Compute Engine regional persistent disks, see
Create and manage regional Persistent Disk volumes
.
In the Google Cloud console, go to the
Disks
page.
Go to Disks
Select the Project you created previously.
- If you are prompted to link a billing account to your Project, do so now.
For more information about enabling billing, see
Modify a Project's Billing Settings
.
Click
Create Disk
.
Specify a
Name
for your disk.
Select
Replicate this disk within region
.
Under
Region
, select
europe-north1 (Finland)
.
Under
Zones
, select
europe-north1-a
and
europe-north1-b
.
Click
Create
.
When the disk is successfully created, a green check mark appears next to the
name.
Set the organization policy
To set an organization policy on the Project you created:
In the Google Cloud console, go to the
Organization policies
page.
Go to Organization policies
Click
Select
.
Select the Project you created.
Click
Google Cloud Platform - Define Resource Locations
, and then
click
Edit
.
Under
Applies to
, select
Customize
.
Under
Policy values
, select
Custom
.
Under
Policy type
, select
Allow
.
In the
Policy value
box, enter
in:asia-locations
.
Click
Save
. A notification appears to confirm the policy update.
asia-locations
is a
value group
that is
curated by Google to include every location in a particular geographic region.
In this case, every region in Asia is defined as an allowed location for any
resources created after this point. Note that the regional persistent disk you
created above is not affected by this new policy, because the policy is not
retroactive.
Testing the organization policy
Now that the organization policy is in effect, you cannot create resources in
regions that were not specified as part of the organization policy. To test
this, try to create a regional persistent disk in an invalid location:
In the Google Cloud console, go to the
Disks
page.
Go to Disks
Select the Project you created above.
Click
Create Disk
.
Specify a
Name
for your disk.
Select
Replicate this disk within region
.
Under
Region
, select
europe-north1 (Finland)
.
Under
Zones
, select
europe-north1-a
and
europe-north1-b
.
Click
Create
.
A red exclamation point appears next to the name, and an error notification
displays:
Location ZONE:europe-north1-a violates constraint
constraints/gcp.resourceLocations on the resource
RESOURCE_ID
Where
RESOURCE_ID
is the full resource path of your Project and disk.
The disk is not created.
Create regional persistent disk in valid location
The organization policy constraint blocks the creation of resources unless you
specify a valid location:
In the Google Cloud console, go to the
Disks
page.
Go to Disks
Select the Project you created previously.
Click
Create Disk
.
Specify a
Name
for your disk.
Select
Replicate this disk within region
.
Under
Region
, select
asia-east2 (Hong Kong)
.
Under
Zones
, select
asia-east2-a
and
asia-east2-b
.
Click
Create
.
The resource is created successfully because all zones under
asia-east2
are
within the
asia-locations
value group.
Clean up
To avoid incurring charges to your Google Cloud account for
the resources used on this page, follow these steps.
Delete regional persistent disks
Delete the regional persistent disks you created for this quickstart:
In the Google Cloud console, go to the
Disks
page.
Go to Disks
In the list that appears, select both of the disks that you created.
To the right of the
Create Disk
button, click
Delete
.
In the confirmation dialog that appears, click
Delete
.
A notification dialog appears to confirm the disks were deleted.
Delete the Project
Delete the Project you created for this quickstart:
In the Google Cloud console, go to the
Manage resources
page.
Go to Manage resources
In the drop-down at the top of the page, select the Organization in which
you created the quickstart Project.
In the list of Project resources that appears, select the Project that you
created, then click
Delete
.
On the
Shut down project
dialog that appears, enter the Project ID,
and then click
Shut down
.