Stackdriver alerts 

Cloud Monitoring (aka Stackdriver) makes it possible to create custom metrics. This 'metric' doesn't just have to be something like CPU, RAM and other well known metrics. It can also be something like 'This resource was created outside of allowed regions' or 'This app just threw 3 404 errors in one day..'.

Creating Alerts

To alert on such metrics  (events), is a two step process:

Step 1 - Create a Custom Metric within Cloud Monitoring / Stackdriver (e.g. VM created outside of allowed region, HTTP Errors found in log).

This involves looking for VMs in the resource drop down, looking for protoPayload within the JSON body of the events and looking for the 'create' event. From here, one can add additional filters - e.g. 'in this region'. Now, we have a custom metric that will log an event any time a VM is created outside our filtered region.

Step 2 - Once we have a custom metric, it is simple to create an Alerting Policy around this metric. Simply fill in the Conditions and the Notifications on the Alerting policy. And you're done!
Alerting on custom occurrences within GCP is not terribly difficult to do with native tooling. One doesn't need Prisma and Wiz type of CSPM tools if one can use Cloud Monitoring effectively.