ExpertGCP PCA · Question 40 · Design a solution infrastructure that meets business requirements
Your enterprise has a strict policy that no public IP addresses can be assigned to Compute Engine instances, and all resources must be deployed in the europe-west1 region. How can you enforce these rules organization-wide? (Select TWO)
Your enterprise has a strict policy that no public IP addresses can be assigned to Compute Engine instances, and all resources must be deployed in the europe-west1 region. How can you enforce these rules organization-wide? (Select TWO)
Answer options:
Apply an Organization Policy constraint to disable external IP addresses for Compute Engine.
Create a VPC Firewall rule to block all outbound traffic to 0.0.0.0/0.
Apply an Organization Policy constraint to restrict resource locations to europe-west1.
Use IAM conditions to remove the compute.instances.create permission if the region is not europe-west1.
Configure Cloud NAT to translate all public IPs to private IPs.
How to approach this question
Full Answer
Common mistakes
Practice the full GCP Professional Cloud Architect Practice Exam 1
50 questions · hints · full answers · grading