Objective: You want to limit the images that can be used as the source for boot disks to a set of images stored in a dedicated project.
Solution: Use the Organization Policy Service.
Steps:
Step 1: Open the Google Cloud Console.
Step 2: Navigate to the Organization Policies page.
Step 3: Create a new policy by clicking on "Create Policy".
Step 4: Select the constraint compute.trustedImageProjects.
Step 5: Set the policy to ALLOW and add the project ID where the trusted images are stored to the allow list.
Step 6: Save and apply the policy.
By setting a policy on the compute.trustedImageProjects constraint at the organization level and specifying the trusted project in the allow list, you ensure that only images from this project can be used for boot disks across the organization.
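To audit disks that already exist against the same allow list, the following added example (not part of the original page) reads disk records and reports every source image whose project is not in the list. The project ID `trusted-images-prj`, the disk names and the image names are constructed placeholders; the `projects/PROJECT_ID` entry mirrors the value form the constraint takes.

```python
import json
import re

# Allow list in the constraint's value form, projects/PROJECT_ID.
# "trusted-images-prj" is a constructed placeholder, not a real project.
ALLOWED = {"projects/trusted-images-prj"}

# Constructed sample shaped like `gcloud compute disks list --format=json`.
SAMPLE_DISKS = json.loads("""
[
  {"name": "web-1",
   "sourceImage": "https://www.googleapis.com/compute/v1/projects/trusted-images-prj/global/images/hardened-base-v1"},
  {"name": "legacy-1",
   "sourceImage": "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-12-sample"},
  {"name": "data-1"},
  {"name": "lookalike-1",
   "sourceImage": "projects/trusted-images-prj-copy/global/images/hardened-base-v1"},
  {"name": "odd-1", "sourceImage": "images/unknown"}
]
""")

# Matches a full image URL or a partial path, including image-family paths.
IMAGE_RE = re.compile(r"(?:^|/)projects/([^/]+)/global/images/(?:family/)?([^/]+)$")


def image_project(source_image):
    """Return 'projects/ID' for an image reference, or None if it cannot be parsed."""
    m = IMAGE_RE.search(source_image or "")
    return f"projects/{m.group(1)}" if m else None


def audit(disks, allowed):
    """List (disk, image project, source image) for images outside the allow list."""
    findings = []
    for disk in disks:
        src = disk.get("sourceImage")
        if src is None:
            continue  # disk was not created from an image (blank or snapshot)
        proj = image_project(src)
        # Exact match only, so a look-alike project ID is not accepted;
        # an unparseable reference is reported rather than silently passed.
        if proj not in allowed:
            findings.append((disk["name"], proj or "unparseable", src))
    return findings


if __name__ == "__main__":
    for name, proj, src in audit(SAMPLE_DISKS, ALLOWED):
        print(f"{name}: image from {proj} ({src})")
```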