
Explanation:
Using an external Load Balancer (e.g., HTTP(S), TCP/SSL Proxy, or Network LB) allows the LB to have the public IP while backend VMs remain private, bypassing org policy on VMs. NAT is egress only.
Ultimate access to all questions.
An org policy blocks external IPs, and a VM needs to receive requests from the internet anyway. Architecturally correct answer?
A
Ask for an org policy exception for the VM
B
Put the VM behind an external load balancer (LB has the public IP; VM stays private)
C
Use Cloud NAT (it enables inbound)
D
It's impossible
No comments yet.