Answer-first summary for fast verification
Answer: Use Private Service Connect to access Cloud Storage, and use the default public domains for all other Google APIs and services.
The requirement is to route Cloud Storage traffic through the private Interconnect while allowing other Google services to use the public internet. Private Service Connect (PSC) enables accessing Cloud Storage via a private endpoint in the VPC, ensuring traffic stays on Google's network and traverses the Interconnect. Other services using default public domains (e.g., www.googleapis.com) would route via the public internet. Option B achieves this split. Options C and D incorrectly use Private Google Access (PGA), which routes all Google API traffic through private VIPs (either private.googleapis.com or restricted.googleapis.com), conflicting with the requirement to allow non-Cloud Storage traffic over the public internet. Thus, B is the correct choice.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization has a single VPC network in Google Cloud with on-premises connectivity via Cloud Interconnect. You need to ensure traffic to Cloud Storage exclusively uses Interconnect links, while allowing other Google APIs and services to be accessed over the public internet. What configuration should you implement?
A
Use the default public domains for all Google APIs and services.
B
Use Private Service Connect to access Cloud Storage, and use the default public domains for all other Google APIs and services.
C
Use Private Google Access, with restricted.googleapis.com virtual IP addresses for Cloud Storage and private.googleapis.com for all other Google APIs and services.
D
Use Private Google Access, with private.googleapis.com virtual IP addresses for Cloud Storage and restricted.googleapis.com virtual IP addresses for all other Google APIs and services.
No comments yet.