To enable TLS inspection with Cloud NGFW Enterprise after creating a CA pool and a CA in Certificate Authority Service, what steps should you follow?

Exam-Like

Grant the network security service agent service account the privateca.certificateRequester role. Create a TLS inspection policy linking to the CA pool. Configure your VPC endpoint associations to use the TLS inspection policy. Flip the TLS inspection flag in your firewall policy rules to true.

55.6%

Grant the network security service agent service account the privateca.poolReader role. Create a TLS inspection policy linking to the CA pool. Configure your VPC endpoint associations to use the TLS inspection policy. Flip the TLS inspection flag in your firewall policy rules to true.

22.2%

Grant the network security service agent service account the privateca.certificateRequester role. Create a trust config in Certificate Manager Flip the TLS inspection flag in your firewall policy rules to true.

11.1%

Grant the network security service agent service account the privateca.certificateRequester role. Create a trust config in Certificate Manager. Flip the TLS inspection flag in your firewall policy rules to true.

11.1%

Google Professional Cloud Network Engineer

Get started today

Comments

To enable TLS inspection with Cloud NGFW Enterprise after creating a CA pool and a CA in Certificate Authority Service, what steps should you follow?