What is the GCP Organization hierarchy?

GCP resources are organized in a four-level hierarchy. Organization: the root node, representing your company. Requires Cloud Identity or Google Workspace. Organization-level IAM policies apply to all resources. Folders: group projects (and other folders) for teams, environments, or departments. Apply policies at the folder level for bulk governance. Up to 10 levels of folder nesting. Projects: the base container for resources, APIs, billing, and configuration. Resources: individual services like VMs, buckets, databases. IAM policies set at a higher level are inherited downward (cannot be revoked lower). Organization Policies (via Organization Policy Service) enforce constraints across the hierarchy — e.g., restrict which regions resources can be created in, or disable service account key creation.