Your company has implemented an application that operates on Compute Engine VM instances within a custom Virtual Private Cloud (VPC). According to the company's security policies, only internal IP addresses are permitted on VM instances, and these instances are restricted from internet access. Given these conditions, you need to enable the application to access a file that is stored in a Cloud Storage bucket within your project. What steps should you take to accomplish this?

Exam-Like

Enable Private Service Access on the Cloud Storage Bucket.

19.1%

Add storage.googleapis.com to the list of restricted services in a VPC Service Controls perimeter and add your project to the list of protected projects.

14.5%

Enable Private Google Access on the subnet within the custom VPC.

56.4%

Deploy a Cloud NAT instance and route the traffic to the dedicated IP address of the Cloud Storage bucket.

10.0%

Google Associate Cloud Engineer

Get started today

Comments