An organization has a folder-level organization policy that enforces 'constraints/compute.requireShieldedVm'. A development team wants to create a test VM that does not use Shielded VM features. What is the correct approach?
Policy overrides at a lower level can change enforcement. The dev team should request an override.
Why this answer
Organization policies can be overridden at a lower level in the resource hierarchy using policy inheritance rules. The dev team should request an exemption for their project or folder by creating a policy override that sets the constraint to 'not enforce'. This must be done by a user with the appropriate organization policy administrator role.