GCP Core Concepts & Projects
How Google Cloud is organized — orgs, folders, projects — and how you interact with it.
Theory
Google Cloud organizes everything in a resource hierarchy:
- Organization — the root, tied to your domain
- Folders — group projects by team/department
- Projects — the core unit; every resource belongs to exactly one project, and projects isolate billing, IAM, and APIs
- Resources — the actual VMs, buckets, etc.
IAM policies and billing roll down this hierarchy. You interact via the Console,
the gcloud CLI, client libraries, or APIs. Regions and zones (like AWS
AZs) determine where resources run.
graph TD O["Organization (example.com)"] --> F1["Folder: Engineering"] F1 --> P1["Project: app-dev"] F1 --> P2["Project: app-prod"] P2 --> R["Resources: VMs, buckets, DBs"]
Hands-On Exercise
- Describe the four levels of the GCP resource hierarchy.
- Explain why dev and prod are usually separate projects.
- Use (in words)
gcloud config set projectto target a project. - What’s the difference between a region and a zone?
Cheat Sheet▾
| Level | Role |
|---|---|
| Organization | Root, tied to domain |
| Folder | Group projects |
| Project | Isolation of billing/IAM/APIs |
| Resource | VMs, buckets, etc. |
gcloud | Primary CLI |
| Region / Zone | Geography / datacenter |
Common Interview Questions▾
What is a GCP project and why does it matter?
A project is the core organizational unit — every resource belongs to one, and it isolates billing, IAM, quotas, and enabled APIs. Environments are typically split into separate projects.
How is the GCP resource hierarchy structured?
Organization → Folders → Projects → Resources. IAM and policies are inherited down the tree, so a grant at a folder applies to all projects beneath it.
Official Documentation
📝 My notes on this topic
Auto-saves as you type