Projects, Folders, Organisation Node are the binding blocks of the Google Cloud Hierarchy.
Policies are inherited downwards in the hierarchy. All Google Cloud platform resources belong to a project.
Projects are the basis for enabling and using GCP services like managing APIs, enabling billing and adding and removing collaborators and enabling other Google services.
Each project is a separate compartment and each resource belongs to exactly one.
Projects can have different owners and users – they’re built separately and they’re managed separately.
Project ID / Name / Number
Project has three identifying attributes
Each GCP project has a name and a project ID that you assign.
Project ID : Globally unique : Chosen by you : Immutable
The project ID is a permanent, unchangeable identifier and it has to be unique across GCP. You use project IDs in several contexts to tell GCP which project you want to work with. In general, project IDs are made to be human readable strings and you’ll use them frequently to refer to projects.
It is a a unique identifier for your project, composed of the project name and a randomly assigned number.
Project Name : Need not be unique : Chosen by you : Mutable
On the other hand, project names are for your convenience and you can assign them.
Project Number : Globally Unique : Assigned by GCP : Immutable
GCP also assigns each of your projects a unique project number and you’ll see a display to you in various contexts. It is a number that’s automatically generated by the server and assigned to your project.
You can organize projects into folders, although you don’t have to.
For example, you can use folders to represent different departments,
teams, applications or environments in your organization.
Folders let teams have the ability to delegate administrative rights,
so they can work independently.
The resources in a folder inherit IAM policies from the folder.
So, if project three and four are administered by the same team by design,
you can put IAM policies into folder B instead.
Doing it the other way, putting duplicate copies of those policies on
project three and project four would be tedious and error prone.
To use folders, you need an organization node at the top of the hierarchy.
You probably want to organize all the projects in your company into a single structure.
Most companies want the ability to have centralized visibility on how resources are being used and to apply policy centrally. That’s what the organization node is for. It’s the top of the hierarchy.
In part the answer depends on whether your company is also a G Suite customer.
If you have a G Suite domain, GCP projects will automatically belong to your organization node. Otherwise, you can use Google Cloud Identity to create one.
When you get a new organization node, it lets anyone in the domain create
projects and billing accounts just as they could before. That’s to avoid surprises and disruption.
But it’d be a great first step with a new organization node to decide who on your team should really be able to do those things.
Once you have an organization node, you can create folders underneath it and put it in projects.