Universal Containers is developing a Salesforce appthat invokes a Heroku app’s web service, which asynchronously generates customer invoices. The Heroku app is deployed to a Private Space. When an invoice is ready, the Heroku app sends a POST request to the Salesforce REST API .
Which two options should an Architect recommend to ensure that neither the Salesforce nor the Heroku app is accessible from the public internet? Choose 2 answers.
A . Restrict the Private Space’s trusted IP range to Salesforce IP addresses
B . Restrict the Private Space’s trusted IP range to Universal Containers’ VPN
C . Restrict the Salesforce connected app’s login IP ranges to Universal Containers’ VPN
D . Restrict the Salesforce connected app’s login IP ranges to the stable outbound IP addresses of the Private Space
Answer: A,D
Explanation:
This is no VPN connection and a trusted IP range is used to limit the trusted outside application’s IP address And there is document related to this use case: https://devcenterheroku.com/articles/establish-trust-private-space-and-salesforce#salesforce-heroku-apps
Latest Heroku Architecture Designer Dumps Valid Version with 185 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund