I am working with a GCC client who is very happy to finally have Sensitivity Labels and Policies show up in their GCC tenant!
They want to use labels to manage external access to M365 Groups (mainly for Teams), with the "Let M365 Group Owners add people outside the organization to the group" setting within the label configuration options. We have created an "external" and "internal" label accordingly, and published said labels with accompanying policies. Both policies target a mail-enabled AAD security group...
Members of the label policy targeted security group can see and apply labels via the SPO admin center, but not in Teams or the Teams Admin Center, for new or existing Teams.
I can test this same workflow in my (commercial) demo tenant without issue. Does anyone have any ideas as to why we can't label new and/or existing Teams?