Your company is developing an internal portal on Google Cloud Platform using a custom VPC. The security team has imposed strict requirements: VMs must not have internet access and should only use private IP addresses. However, your application needs to access files stored in Google Cloud Storage within your project. How can you facilitate this access without violating the security mandates?

Real Exam

Route the traffic to the dedicated IP address of the Cloud Storage bucket by deploying a Cloud NAT instance.

15.0%

Enable Private Google Access on the subnet within the custom VPC.

50.0%

Enable Private Service Access on the Cloud Storage Bucket.

15.0%

Create a VPC Service Control perimeter and add storage.googleapis.com to the list of restricted services and add your project to the list of protected projects.

20.0%

Google Associate Cloud Engineer

Get started today

Comments