You have deployed multiple Compute Engine instances that cannot have public IP addresses due to security requirements. There is no VPN connection between Google Cloud and your office. How can you establish an SSH connection to a specific instance without violating the security policy?

Exam-Like

Configure Cloud NAT on the subnet where the instance is hosted. Create an SSH connection to the Cloud NAT IP address to reach the instance.

5.3%

Add all instances to an unmanaged instance group. Configure TCP Proxy Load Balancing with the instance group as a backend. Connect to the instance using the TCP Proxy IP.

2.6%

Configure Identity-Aware Proxy (IAP) for the instance and ensure that you have the role of IAP-secured Tunnel User. Use the gcloud command line tool to ssh into the instance.

73.7%

Create a bastion host in the network to SSH into the bastion host from your office location. From the bastion host, SSH into the desired instance.

18.4%

Google Professional Cloud Architect

Get started today

Comments

You have deployed multiple Compute Engine instances that cannot have public IP addresses due to security requirements. There is no VPN connection between Google Cloud and your office. How can you establish an SSH connection to a specific instance without violating the security policy?