EHR Healthcare's infrastructure is migrating to Google Cloud. In the past, configuration errors resulted in public IP addresses being assigned to backend servers that should not have been accessible from the Internet. You need to ensure that such errors do not occur again, making sure that external IP addresses can only be configured on frontend Compute Engine instances and never on backend instances. What should you do?

Exam-Like

Create an Organizational Policy with a constraint to allow external IP addresses only on the frontend Compute Engine instances.

81.3%

Revoke the compute.networkAdmin role from all users in the project with front end instances.

6.6%

Create an Identity and Access Management (IAM) policy that maps the IT staff to the compute.networkAdmin role for the organization.

6.6%

Create a custom Identity and Access Management (IAM) role named GCE_FRONTEND with the compute.addresses.create permission._

5.5%

Google Professional Cloud Architect