You have deployed several instances on Compute Engine. As a security requirement, instances cannot have a public IP address. There is no VPN connection between Google Cloud and your office, and you need to connect via SSH into a specific machine without violating the security requirements. What should you do? A. Configure Cloud NAT on the subnet where the instance is hosted. Create an SSH connection to the Cloud NAT IP address to reach the instance. B. Add all instances to an unmanaged instance group. Configure TCP Proxy Load Balancing with the instance group as a backend. Connect to the instance using the TCP Proxy IP. C. Configure Identity-Aware Proxy (IAP) for the instance and ensure that you have the role of IAP-secured Tunnel User. Use the gcloud command line tool to ssh into the instance. D. Create a bastion host in the network to SSH into the bastion host from your office location. From the bastion host, SSH into the desired instance. Â Suggested Answer: D This question is in Google Professional Cloud Architect Exam For getting Google Professional Cloud Architect Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Google. Trademarks, certification & product names are used for reference only and belong to Google.
Please login or Register to submit your answer
