Answer-first summary for fast verification
Answer: Ensure that Private Google Access is enabled in the subnetwork. Use Dataflow with only internal IP addresses.
The correct answer is D: Ensure that Private Google Access is enabled in the subnetwork. Use Dataflow with only internal IP addresses. Private Google Access allows VM instances that only have internal IP addresses to reach Google APIs and services. By enabling this on the subnetwork where the Dataflow workers are launched, you ensure that the workers can access Cloud Storage and BigQuery without needing external IP addresses, thus complying with the organizational constraint.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As a Data Engineer, you are responsible for deploying a batch pipeline using Google Cloud Dataflow. The pipeline's workflow involves reading data from Cloud Storage, performing data transformations, and subsequently writing the transformed data into BigQuery. Recently, the security team implemented an organizational constraint across your Google Cloud environment. This constraint mandates that all Compute Engine instances must utilize only internal IP addresses, forbidding the use of any external IP addresses. With this security requirement in place, what steps should you take to ensure your Dataflow pipeline operates correctly and adheres to the constraint?
A
Ensure that your workers have network tags to access Cloud Storage and BigQuery. Use Dataflow with only internal IP addresses.
B
Ensure that the firewall rules allow access to Cloud Storage and BigQuery. Use Dataflow with only internal IPs.
C
Create a VPC Service Controls perimeter that contains the VPC network and add Dataflow, Cloud Storage, and BigQuery as allowed services in the perimeter. Use Dataflow with only internal IP addresses.
D
Ensure that Private Google Access is enabled in the subnetwork. Use Dataflow with only internal IP addresses.