You need to configure a Cloud Storage bucket in Project A to be readable only from Project B and prevent its data from being accessed by or copied to any Cloud Storage buckets outside of your network, even with valid credentials. What steps should you take?

Exam-Like

Enable VPC Service Controls, create a perimeter with Project A and B, and include Cloud Storage service.

Enable Domain Restricted Sharing Organization Policy and Bucket Policy Only on the Cloud Storage bucket.

Enable Private Access in Project A and B networks with strict firewall rules to allow communication between the networks.

Enable VPC Peering between Project A and B networks with strict firewall rules to allow communication between the networks.

Google Professional Cloud Security Engineer