You have an SAP environment on Azure that uses multiple subscriptions.

To meet GDPR requirements, you need to ensure that virtual machines are deployed only to the West Europe and North Europe Azure regions.

Which Azure components should you use?

A. Azure resource locks and the Compliance admin center
B. Azure resource groups and role-based access control (RBAC)

C. Azure management groups and Azure Policy

D. Azure Security Center and Azure Active Directory (Azure AD) groups

Explanation:
Azure Policy enables you to set policies to conform to the GDPR. Azure Policy is generally available today at no additional cost to Azure customers. You can use Azure Policy to define and enforce policies that help your cloud environment become compliant with internal policies as well as external regulations.

Azure Policy is deeply integrated into Azure Resource Manager and applies across all resources in Azure. Individual policies can be grouped into initiatives to quickly implement multiple rules. You can also use Azure Policy in a wide range of compliance scenarios, such as ensuring that your data is encrypted or remains in a specific region as part of GDPR compliance. Microsoft is the only hyperscale cloud provider to offer this level of policy integration built in to the platform for no additional charge.

References:
https://azure.microsoft.com/de-de/blog/new-capabilities-to-enable-robust-gdpr-compliance/