Answer-first summary for fast verification
Answer: Use Cloud Build private pools to connect to the private VPC.
The question requires a solution that allows the CI pipeline's build step to access APIs inside a private VPC without exposing API traffic publicly, while also minimizing management overhead. Option A, using Cloud Build private pools, is the correct choice because it allows Cloud Build to connect directly to resources in a private VPC without exposing them to the public internet. This meets the security requirement and minimizes management overhead by leveraging Google Cloud's managed services. Option B, using Spinnaker, is not directly related to solving the specific requirement of accessing APIs inside a private VPC with minimal overhead. Option C, configuring Internal HTTP(S) Load Balancing, would not be necessary since Cloud Build private pools already provide a direct connection to the private VPC. Option D, configuring External HTTP(S) Load Balancing with Google Cloud Armor, would expose the APIs to the public internet, which violates the security requirement.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are setting up a CI pipeline. The build step for integration testing needs to access APIs within your private VPC network. Your security team mandates that API traffic must not be exposed publicly. You need to implement a solution with minimal management overhead. What should you do?
A
Use Cloud Build private pools to connect to the private VPC.
B
Use Spinnaker for Google Cloud to connect to the private VPC.
C
Use Cloud Build as a pipeline runner. Configure Internal HTTP(S) Load Balancing for API access.
D
Use Cloud Build as a pipeline runner. Configure External HTTP(S) Load Balancing with a Google Cloud Armor policy for API access.
No comments yet.