GCP IAM - Policy inheritance/precedence

Does it also mean that if I assign a user restrictive access at higher level but assign more permissive access at resource level, that user will have more permissive access?

Yes.

In other words, more permissive policy will override restrictive policy no matter what at which level more permissive policy is granted at?

Do not think of it has overriding. Think of it as you are granting additional privileges.

Grant UserA viewer role for a project but assign Editor role at resource level, UserA will have editor level access to the resource?

Correct, UserA will have editor level for the resource.

Think of the hierarchy being Organization / Folders / Projects / Resources. If you have permissions at a higher level, you have at least those permissions at a lower level. This is similar to a company's organization. If you are V.P. of division (project) you are still V.P. for each group (resource) under that division. The opposite also works. You are a team member for the organization (project Viewer) but you are the manager for one group (compute resources Editor) and just a project Viewer for other resources.

Just to add to above answer,

If during union of the policy, situation of policy conflict occurs then DENY takes precedence.

For example there are below two policies

On folder level -> Allow storage bucket creation for user [email protected]

On Project1 Level -> Deny storage bucket creation for user [email protected]

then DENY policy takes precedence and user [email protected] won't be able to create the bucket.

https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy#reconciling_policy_conflicts