You are using a third-party next-generation firewall to inspect traffic and have created a custom route (0.0.0.0/0) to route egress traffic to the firewall. You need to allow VPC instances without public IP addresses to access the BigQuery and Cloud Pub/Sub APIs directly, bypassing the firewall.

Which two actions should you take? (Choose two.)

Exam-Like

Turn on Private Google Access at the subnet level.

27.8%

Turn on Private Google Access at the VPC level.

16.7%

Turn on Private Services Access at the VPC level.

5.6%

Create a set of custom static routes to send traffic to the external IP addresses of Google APIs and services via the default internet gateway.

33.3%

Create a set of custom static routes to send traffic to the internal IP addresses of Google APIs and services via the default internet gateway.

16.7%

Google Professional Cloud Network Engineer