Your organization, TerramEarth, is deploying a global application to handle credit card payments. Client VMs within the same VPC as the application must access it privately without using the application's global external IP address due to compliance constraints. Currently, Cloud DNS resolves `myglobalapp.terramearth.com` only to a public IP address via a public zone. The internal clients need to resolve `myglobalapp.example.com` privately without exposing the external IP. How should you configure Cloud DNS to meet this requirement while adhering to Google-recommended practices?

Exam-Like

Create a sub-domain named internal.terramearth.com. Add the new DNS entry (myglobalapp.internal.terramearth.com) to the sub-domain pointing to the internal IP address from the application VM.

0.0%

Configure a query logic script inside Cloud DNS to check the source IP address from the VPC, and respond with a modified DNS record to include the internal IP address from the application VM.

0.0%

Configure a private zone for the application record (myglobalapp.terramearth.com) and point to the internal IP address of the application VM. Bind this zone to the VPC.

100.0%

Promote the ephemeral IP address from the application VM to static, add this static ip address to each internal client's host file, and change the myglobalapp.terramearth.com DNS record to this new static IP address.

0.0%

Google Professional Cloud Network Engineer

Comments

Get started today