Answer-first summary for fast verification
Answer: Use Private Google Access for on-premises hosts with restricted.googleapis.com virtual IP addresses.
The question requires configuring private access to Google APIs supported by VPC Service Controls via hybrid connectivity with an SLA. Private Google Access for on-premises hosts using restricted.googleapis.com (Option B) ensures traffic stays within Google's network, complying with VPC Service Controls. Cloud Interconnect provides the required SLA. Other options (A, C, D) involve public IPs, default routes via the internet (no SLA), or Direct Peering (no SLA), which do not meet the requirements.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization has a single Virtual Private Cloud (VPC) network in Google Cloud, connected to your on-premises network via Cloud Interconnect. You need to restrict access solely to Google APIs and services supported by VPC Service Controls while maintaining hybrid connectivity with a guaranteed service level agreement (SLA). What is the correct configuration approach?
A
Configure the existing Cloud Routers to advertise the Google API's public virtual IP addresses.
B
Use Private Google Access for on-premises hosts with restricted.googleapis.com virtual IP addresses.
C
Configure the existing Cloud Routers to advertise a default route, and use Cloud NAT to translate traffic from your on-premises network.
D
Add Direct Peering links, and use them for connectivity to Google APIs that use public virtual IP addresses.
No comments yet.