Hard · 1 mark · Multiple Choice

GCP PCA · Question 28 · Domain 3: Designing for Security and Compliance

A healthcare application running on Compute Engine needs to access a third-party API. The third-party API requires IP allowlisting and will only accept traffic from a single, static IP address. The application is deployed across an autoscaled Managed Instance Group (MIG). How should you configure the network to meet this requirement?

Answer options:

A. Assign a static external IP address to each VM in the MIG.

B. Route all outbound traffic through an Internal Load Balancer.

C. Deploy Cloud NAT and assign a static external IP address to the NAT gateway.

D. Use an External HTTP(S) Load Balancer with a static IP.

How to approach this question

Identify how to funnel outbound traffic from multiple dynamic VMs through a single static IP.

Full Answer

C. Deploy Cloud NAT and assign a static external IP address to the NAT gateway. ✓ Correct
When an autoscaled group of VMs needs to communicate with an external service that requires IP allowlisting, you cannot rely on VM-level IPs. Place the VMs in a private subnet and configure Cloud NAT with a manual static IP allocation; all outbound traffic from the MIG will then appear to originate from that single static IP.

Common mistakes

Choosing External Load Balancer (D). Load balancers are for ingress (incoming) traffic, not egress (outgoing).
