Topic 1 Question 110
You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now you need to create a production environment for this application. The security team has forbidden the existence of network routes between these 2 environments and has asked you to follow Google-recommended practices. What should you do?
Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.
Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.
Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project in the Shared VPC.
Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.
ユーザの投票
コメント(17)
Correct answer is A.
👍 34poogcp2020/06/10A - correct. Best practice is to create a new project for each environment, such as production and testing. There are no routes between VPCs in these projects by default, so that satisfies the requirement by the security team. B. Nope. not best practice and allows communication. C. While this is best practice to create a new project for a different environment, it explicitly breaks the security team's rule of having no path between environments by nature of the shared VPC. The shared VPC allows entities in both VPCs to communicate as if they were in the same VPC. That's definitely wrong. D. One - not best practice to replicate in the setup in that project. Two - why do they suddenly need the project editor rule? Just a bad answer. Wrong.
👍 32[Removed]2020/09/09Should be A it's a best practice "to have one project per application per environment." - https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#project-structure
👍 6JieHeng2021/06/24
シャッフルモード