Google Cloud Hierarchy Made Simple: Org, Folders & Projects Explained

Mahesh HMahesh H
3 min read

"GCP ain't just about VMs and buckets – first, you need to clean up the room before throwing a party!"

Intro – Why Bother with Structure?

Before you go full mad scientist deploying Kubernetes clusters and Cloud Functions everywhere, let’s talk about structure.

Google Cloud is not a jungle (unless you let it become one).

Setting up an Organization, Folders, and Projects is like setting up your company structure in the cloud.

1. Organization – The HQ of Your Cloud Empire

Think of this as your company’s main building.
In GCP, the Organization is the top-level container for all things cloud.

How do you get one?

  • Buy a domain (yourcompany.com)

  • Sign up for Google Workspace or Cloud Identity

  • Google sets up your Organization after verifying your domain

Real Talk:

  • Using personal Gmail? → You’re a freelancer building your own stuff.

  • Using a company/work domain? → You’re part of a team inside a company’s workspace.

Quick FAQs:

  • ❓Can I create resources without an Organization?
    ➡️Yep! But it's personal and hard to manage as you scale.

  • ❓Can I create multiple Organizations?

    ➡️No, one Organization per domain (Google Workspace or Cloud Identity account).

2. Folders – Departments in Your Cloud Office

Folders are teams, departments, or environments within your org.
Just like Engineering, HR, or even that one mysterious "DevOps" team.

What do Folders do?

  • Group projects

  • Apply permissions or policies to a whole team

  • Make your life easy when scaling cloud usage

Folderception Alert:
Yes, folders can contain other folders. It's like Inception, but for the cloud.

Quick FAQs:

  • ❓Can I have folders without an Organization?
    ➡️Nope. No Org = No folders.

  • ❓Can I add billing accounts to folders?
    ➡️Nope again. Billing goes only to projects.

3. Projects – Your Actual Apps & Stuff

Now comes the real action.
Projects are where all the magic (and cloud bills) happen.

Every VM, bucket, secret, or API you use is tied to a Project.

Important:

  • Projects are unique containers with IDs

  • IAM roles and permissions are usually set per project

  • Billing is tracked per project

Quick FAQs:

  • ❓Can I move a project between folders?
    ➡️Yes, with the right permissions.

  • ❓Can I delete and recover a project?
    ➡️Yes, within 30 days.

  • ❓Can I have one project in two folders?
    ➡️Nope. One home only!

  • ❓Can Projects live directly under the Organization?
    ➡️Totally. Folders are optional, but useful.

Real-World Example:

How to Create All This (Step-by-Step)

✅ Create an Organization

  1. Get Google Workspace or Cloud Identity

  2. Use domain email to log into GCP

  3. Domain gets verified → Boom! You got an Org

✅ Create a Folder

  • GCP Console → IAM & Admin → Folders → Create Folder

  • Choose parent (Org or Folder)

✅ Create a Project

  • Click “New Project”

  • Choose name + parent (Folder or Org)

  • Assign billing account

Final Thoughts – Don’t Skip the Boring Stuff

It might seem boring now, but a good structure saves you hours of chaos later.

Think of GCP as your virtual office. Don’t start building before you lay the blueprint.

0
Subscribe to my newsletter

Read articles from Mahesh H directly inside your inbox. Subscribe to the newsletter, and don't miss out.

google cloud#resource hierarchy

Written by

Mahesh H
Mahesh H

Hi, I'm starting my DevOps journey. Each week, I explore new concepts, tackle challenges, and share my learning experience. Follow along as I grow and explore the world of DevOps!