Answer-first summary for fast verification
Answer: Use Cloud Build private pools to connect to the private VPC.
The question requires a solution that allows the CI pipeline's build step to access APIs inside a private VPC network without exposing API traffic publicly and with minimal management overhead. Option A, using Cloud Build private pools, is the correct choice because it allows Cloud Build to connect directly to resources in a private VPC without exposing them to the public internet. This solution meets the security requirements and minimizes management overhead by leveraging managed services. Option B introduces unnecessary complexity by requiring the creation and management of a Compute Engine instance, which increases management overhead. Option C and D involve configuring load balancers, which either do not meet the requirement of not exposing API traffic publicly (Option D) or introduce unnecessary complexity and potential management overhead (Option C).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are setting up a CI pipeline. The build step for integration testing needs to access APIs within your private VPC network. Your security team mandates that API traffic must not be exposed publicly. You need to implement a solution with minimal management overhead. What should you do?
A
Use Cloud Build private pools to connect to the private VPC.
B
Use Cloud Build to create a Compute Engine instance in the private VPC. Run the integration tests on the VM by using a startup script.
C
Use Cloud Build as a pipeline runner. Configure a cross-region internal Application Load Balancer for API access.
D
Use Cloud Build as a pipeline runner. Configure a global external Application Load Balancer with a Google Cloud Armor policy for API access.
No comments yet.