Your organization manages multiple Virtual Private Clouds (VPCs) and has decided to limit the use of external IP addresses for security reasons. Only approved instances should have external IP access to prevent unauthorized data transfer or exposure. You want to implement this restriction consistently across all of your VPCs. What should you do?

Exam-Like

Remove the default route on all VPCs. Move all approved instances into a new subnet that has a default route to an internet gateway.

10.2%

Create a new VPC in custom mode. Create a new subnet for the approved instances, and set a default route to the internet gateway on this new subnet.

11.1%

Implement a Cloud NAT solution to remove the need for external IP addresses entirely.

12.0%

Set an Organization Policy with a constraint on constraints/compute.vmExternalIpAccess. List the approved instances in the allowedValues list.

66.7%

Google Professional Cloud Architect