You are using a third-party next-generation firewall to inspect traffic. You created a custom route of 0.0.0.0/0 to route egress traffic to the firewall. You want to allow your VPC instances without public IP addresses to access the BigQuery and Cloud Pub/Sub APIs, without sending the traffic through the firewall.
Which two actions should you take? (Choose two.)
A . Turn on Private Google Access at the subnet level.
B . Turn on Private Google Access at the VPC level.
C . Turn on Private Services Access at the VPC level.
D . Create a set of custom static routes to send traffic to the external IP addresses of Google APIs and services via the default internet gateway.
E . Create a set of custom static routes to send traffic to the internal IP addresses of Google APIs and services via the default internet gateway.
Answer: AD
Explanation:
Reference: https://cloud.google.com/vpc/docs/private-access-options
Leave a Reply