🔥 3-day streak
Professional Cloud Security Engineer105 / 152
Question 105 of 152
A financial services company runs Compute Engine instances in a VPC with no external IP addresses and an organization policy that blocks external IPs. The instances must reach Google APIs such as Cloud Storage and BigQuery, but the security team requires that traffic use a private internal IP endpoint that they fully control and can reference in firewall rules and DNS, rather than the default public API domains. They also want to avoid routing this traffic over the internet or through Cloud NAT. Which approach meets these requirements?
Reviewed for accuracy · Report an issueNext question