Also visit GoogleCloudArchitect.us for in-depth GCP posts. Also read Folders and Billing in GCP

What does your billing roll up to?

Folders can be used in a variety of ways. They can encompass a business function (eCommerce, hosting…) – or they could hold actual environments (Prod, Test). The way to decide what goes on top of the folder structure is decided by a simple question:

How is billing rolled up within your company?

If you roll up the billing per environment (e.g. PRODUCTION environment costs us this much…),

In brief, your billing needs will dictate how to correctly create a resource hierarchy in google cloud.

What about ‘Shared Services’ ?

Shared Services can include billing, logging (aggregate logs) and Infrastructure as Code accounts (IaC). Where do these fit in?

There are a couple of places where your Shared Services can go. One is at the top organization level (right below the org). The other is on a per-environment level (shared PROD services, shared DEV services etc.)

A Simple Design

If you have no preference, to keep it simple, use folders for departments and products owned by the department.

THEN, use Projects under each folder for DEV, TEST, PROD environments. See the image below:

folders in google cloud, gcp

Remember that Projects come with a default network (read this post for understanding network isolation in google cloud). So deleting a project will require all dependent resources to b deleted (Go into Resource Manager –> Look for your project Id –> Delete).

To add a folder or sub folder under your parent organization

Under Console –> Manage Resources –> Add Folder

manage folders gcp

Summary

Projects are an  important boundary within google cloud. Projects come with their own network (and can also contain more than one network).

Should you use ONE project or MULTIPLE projects? Read this post on GCP Projects to understand the tradeoffs.

Once you get to the resource level, you should be only using PROJECT terminology. To use organizational terminology (departments, groups etc.), you need to look at Folders in GCP.  Folders provide a logical way to recreate your organizational hierarchy on google cloud.

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

 Twitter Linkedin