What should you do?

Your organization’s Google Cloud VMs are deployed via an instance template that configures them with a public IP address in order to host web services for external users.

The VMs reside in a service project that is attached to a host (VPC) project containing one custom Shared VPC for the VMs. You have been asked to reduce the exposure of the VMs to the internet while continuing to service external users. You have already recreated the instance template without a public IP address configuration to launch the managed instance group (MIG).

What should you do?
A . Deploy a Cloud NAT Gateway in the service project for the MIG.
B . Deploy a Cloud NAT Gateway in the host (VPC) project for the MIG.
C . Deploy an external HTTP(S) load balancer in the service project with the MIG as a backend.
D . Deploy an external HTTP(S) load balancer in the host (VPC) project with the MIG as a backend.

Answer: D

Explanation:

https://cloud.google.com/load-balancing/docs/https#shared-vpc

While you can create all the load balancing components and backends in the Shared VPC host project, this model does not separate network administration and service development responsibilities.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments