Professional Cloud Security Engineer Exam Questions

Professional Cloud Security Engineer Exam - Question 56


A customer is collaborating with another company to build an application on Compute Engine. The customer is building the application tier in their GCP Organization, and the other company is building the storage tier in a different GCP Organization. This is a 3-tier web application. Communication between portions of the application must not traverse the public internet by any means.

Which connectivity option should be implemented?

Correct Answer: AB

To ensure that communication between portions of the application does not traverse the public internet, VPC Peering is the most suitable option. VPC Peering allows resources in different VPC networks to communicate directly without using a public IP, ensuring that the traffic remains private and does not go over the internet. This is particularly useful when dealing with two different GCP organizations, as it provides the right isolation and security needed for sensitive communication.

Discussion

13 comments
sc_cloud_learn Option: A
Jul 1, 2021

Both are GCP, should be VPC peering - Option A

Sheeda Option: A
Aug 29, 2020

Should be A

dtmtor Option: A
Mar 20, 2021

A, different orgs

Akku1614 Option: A
Sep 4, 2020

Yes, it should be VPC Peering. https://cloud.google.com/vpc/docs/vpc-peering

CHECK666 Option: A
Sep 30, 2020

A is the answer. Use VPC Peering.

[Removed] Option: A
Oct 29, 2020

Ans - A

[Removed] Option: A
Jul 23, 2023

"A". Since both are in GCP, VPC Peering makes the most sense. References: https://cloud.google.com/vpc/docs/vpc-peering

DebasishLowes Option: A
Feb 21, 2021

A is the answer.

shayke Option: A
Oct 10, 2022

Only A

[Removed] Option: A
Dec 15, 2023

VPC peering, definitely

DP_GCP Option: A
May 6, 2021

B is not correct because if Cloud VPN is used, data travels over the internet, and the question mentions it doesn't want the data to travel through the internet. https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview Cloud VPN securely connects your peer network to your Virtual Private Cloud (VPC) network through an IPsec VPN connection. Traffic traveling between the two networks is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects your data as it travels over the internet.

PATILDXB
Dec 23, 2022

Cloud VPN is a private connection, and different from normal IP VPN or IPsec VPN. Cloud VPN does not ride on the internet. B is correct and appropriate, as it is cheaper than VPC peering, because VPC peering incurs charges.

mikez2023
Feb 14, 2023

Cloud VPN securely connects your peer network to your Virtual Private Cloud (VPC) network through an IPsec VPN connection. Traffic traveling between the two networks is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects your data as it travels over the internet. You can also connect two instances of Cloud VPN to each other.

nccdebug
Feb 18, 2024

Communication between portions of the application must not traverse the public internet by any means, so A is the answer.

AwesomeGCP Option: A
Oct 7, 2022

A – Peering two VPCs does permit traffic to flow between the two shared networks, but it’s only bi-directional. Peered VPC networks remain administratively separate. Dedicated Interconnect connections enable you to connect your on-premises network … in another project, as long as they are both in the same organization. Hence A.

AzureDP900
Nov 2, 2022

Agreed, A is correct.

okhascorpio Option: C
Feb 18, 2024

Key information being "Communication between portions of the application must not traverse the public internet by any means" leaves only option "C" as a valid one, as all other options rely on the public internet for data transmission.

Oujay
Jul 1, 2024

Connects your on-premises network to GCP, not relevant for connecting two GCP organizations.