Your organization has two VPC Service Controls service perimeters, Perimeter-A and Perimeter-B, in Google Cloud. You need to copy data from a Cloud Storage bucket inside Perimeter-A to another Cloud Storage bucket inside Perimeter-B. You must minimize exfiltration risk, only allow necessary connections, and adhere to the principle of least privilege. What should you do?

Exam-Like

Configure a perimeter bridge between Perimeter-A and Perimeter-B, and specify the Cloud Storage buckets as the resources involved.

Configure a perimeter bridge between the projects hosting the Cloud Storage buckets in Perimeter-A and Perimeter-B.

Configure an egress rule for the Cloud Storage bucket in Perimeter-A and a corresponding ingress rule in Perimeter-B.

Configure a bidirectional egress/ingress rule for the Cloud Storage buckets in Perimeter-A and Perimeter-B.

Google Professional Cloud Security Engineer