Answer-first summary for fast verification
Answer: Deploy your application on App Engine flexible environment and use Cloud VPN to limit access to the on-premises database.
The correct answer is D because it uses App Engine Flexible Environment with Cloud VPN. App Engine Flexible Environment provides direct VPC network integration, allowing the application to communicate with on-premises resources through Cloud VPN without exposing the database to the public internet. Cloud VPN establishes a secure, encrypted tunnel over the internet, ensuring the database remains private. While App Engine Standard can connect via Serverless VPC Access and Cloud VPN, it adds complexity and cost, making Flexible Environment the more straightforward and optimal choice. Options A and C are incorrect as App Engine firewall rules only control ingress traffic to the app, not outbound connections to on-premises databases. Option B, using Standard Environment with Cloud VPN, is feasible but less ideal due to the need for Serverless VPC Access, which introduces additional overhead.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are deploying an application on Google App Engine that needs to connect to a private, on-premises database. The database must not be exposed to the public internet for security reasons. What is the recommended solution?
A
Deploy your application on App Engine standard environment and use App Engine firewall rules to limit access to the open on-premises database.
B
Deploy your application on App Engine standard environment and use Cloud VPN to limit access to the on-premises database.
C
Deploy your application on App Engine flexible environment and use App Engine firewall rules to limit access to the on-premises database.
D
Deploy your application on App Engine flexible environment and use Cloud VPN to limit access to the on-premises database.
No comments yet.