You are developing a noise reduction application with multiple Linux machines on Compute Engine. These VMs lack public IPs, yet you require SSH access over the internet without network configuration changes. Additionally, any new VMs added should not need extra setup. What is the best approach?

Real Exam

Explanation:

A is the correct choice because Cloud Identity-Aware Proxy (IAP) enables SSH access to VMs without external IPs or direct internet access, without requiring network configuration changes. This solution automatically applies to new VMs in the project. B and D are incorrect as SSH keypairs do not solve the lack of public IPs. C is incorrect because HTTPS configuration does not support SSH or TCP access. D is also a security risk due to the exposure of private keys. For more details, refer to Google Cloud IAP documentation and this Medium article.

Powered ByGPT-5

Google Associate Cloud Engineer

Get started today

Google Associate Cloud Engineer

Get started today

You are developing a noise reduction application with multiple Linux machines on Compute Engine. These VMs lack public IPs, yet you require SSH access over the internet without network configuration changes. Additionally, any new VMs added should not need extra setup. What is the best approach?