You have implemented a hub-and-spoke architecture in Google Cloud using VPC Network Peering to connect spoke networks to the hub. For security, you deployed a private GKE cluster in a spoke project with a private control plane endpoint, restricting authorized networks to the GKE node subnet. However, you cannot access the GKE control plane from another spoke project. How can you enable access to the GKE control plane from other spoke projects?

Exam-Like

Add a firewall rule that allows port 443 from the other spoke projects.

0.0%

Enable Private Google Access on the subnet where the GKE nodes are deployed.

14.3%

Configure the authorized networks to be the subnet ranges of the other spoke projects.

71.4%

Deploy a proxy in the spoke project where the GKE nodes are deployed and connect to the control plane through the proxy.

14.3%

Google Professional Cloud Network Engineer