Hard · 1 mark · Multiple Choice
GCP PCA · Question 30 · Domain 3: Designing for Security and Compliance
You have configured a VPC Service Controls perimeter around your production project to protect Cloud Storage. However, an external partner needs to upload files to a specific bucket within this perimeter from their own GCP project. How do you allow this?
Answer options:
A. Remove the bucket from the perimeter.
B. Configure an Ingress Rule on the perimeter.
C. Configure an Egress Rule on the perimeter.
D. Create a VPC Peering connection to the partner.
How to approach this question
Understand VPC SC Ingress vs Egress rules.
Full Answer
B. Configure an Ingress Rule on the perimeter. ✓ Correct
Configure an Ingress Rule on the perimeter to allow the partner's identity to access the specific bucket.
Ingress rules in VPC Service Controls allow you to grant specific external identities access to protected resources inside the perimeter without breaking the perimeter.
Common mistakes
Confusing Ingress (inbound to perimeter) with Egress (outbound from perimeter).
Practice the full GCP Professional Cloud Architect Practice Exam 2