Answer: On-premises DNS servers lack the necessary records to resolve private Google API domains. Create DNS records for restricted.googleapis.com or private.googleapis.com pointing to Google's published IP ranges.

The issue is that on-premises developers cannot resolve the Artifact Registry hostname due to DNS resolution failures. Since there's no custom DNS configuration on-premises and no direct internet route, the on-premises DNS servers lack the necessary records for Google's private APIs. Option A correctly identifies that creating DNS records for restricted.googleapis.com or private.googleapis.com pointing to Google's published IP ranges will resolve the hostname resolution issue. The community discussion shows 100% consensus on answer A with multiple upvoted comments supporting this solution. Option B is incorrect as IAM roles don't affect DNS resolution. Option C is not applicable since Private Google Access is for VMs within Google Cloud, not on-premises networks. Option D is incorrect as firewall rules for HTTP/HTTPS access won't resolve DNS resolution problems.

Author: LeetQuiz Editorial Team