Answer-first summary for fast verification
Answer: Create a Cloud DNS private zone in each service project. Use cross-project binding to associate the zones to the Shared VPC in the host project.
In a Shared VPC setup, service projects use the host project's VPC network. To allow workloads in the Shared VPC to resolve private DNS zones defined in individual service projects, cross-project binding is required. Option D is correct because creating a Cloud DNS private zone in each service project and using cross-project binding to associate those zones with the Shared VPC in the host project ensures that all workloads in the Shared VPC can resolve all private zones. This method directly links the DNS zones from service projects to the Shared VPC, enabling visibility across all service projects. Other options, such as DNS forwarding (A) or peering (B), do not properly associate the zones with the Shared VPC in a way that allows global resolution. Response policy zones (C) are unrelated to DNS zone sharing.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization uses a Shared VPC model. Service project owners need to manage their DNS zones independently within their service projects, while ensuring all service project workloads can resolve private zones defined in other service projects. What solution should you implement to meet these requirements?
A
Create a Cloud DNS private zone in each service project. Use a Cloud DNS forwarding zone to forward queries to the Shared VPC in the host project.
B
Create a Cloud DNS private zone in each service project. Use Cloud DNS peering zones that target the Shared VPC in the host project.
C
Create a Cloud DNS response policy zone in each service project. Use Cloud DNS peering zones that target the Shared VPC in the host project.
D
Create a Cloud DNS private zone in each service project. Use cross-project binding to associate the zones to the Shared VPC in the host project.
No comments yet.