Google Cloud Professional Cloud Security Engineer Practice Exam

To ensure GDPR compliance for resource creation, what should be applied to the Google Cloud organization?

• A. Set up a budget for resources.
• B. Use the org policy constraint 'Google Cloud Platform - Resource Location Restriction'.
• C. Install a region-specific API.
• D. Regularly monitor compliance reports.

The correct answer is: Use the org policy constraint 'Google Cloud Platform - Resource Location Restriction'.

Utilizing the org policy constraint 'Google Cloud Platform - Resource Location Restriction' is essential for ensuring GDPR compliance in the context of resource creation in Google Cloud. The General Data Protection Regulation (GDPR) requires that personal data be processed and stored within specific geographical boundaries, particularly within the European Union. By applying the resource location restriction policy, organizations can enforce rules that prevent the creation or storage of resources outside designated regions. This is crucial for compliance because it allows organizations to control where their data is processed and ensures that they adhere to the legal requirements set forth by GDPR. This constraint effectively limits the geographical locations in which resources can be created, helping to safeguard personal data and reduce the risk of non-compliance. The other options, while they may provide various levels of utility and support security best practices, do not specifically address the fundamental requirement of geographic data handling as mandated by GDPR. Setting up a budget is focused on financial management rather than legal compliance. Installing a region-specific API may help in functionality, but it does not inherently safeguard data locations. Regularly monitoring compliance reports is a valuable practice, yet without the foundational policy in place to restrict data handling geographically, it may not ensure compliance by itself.