Google PCA Design and plan a cloud solution architecture • Complete Question Bank
Complete Google PCA Design and plan a cloud solution architecture question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
gcloud compute instances create my-instance \
--zone=us-central1-a \
--machine-type=e2-micro \
--image-family=debian-11 \
--image-project=debian-cloud \
--boot-disk-size=20GB \
--boot-disk-type=pd-standard \
--network-interface=subnet=default,no-address \
--metadata=startup-script='#! /bin/bash
sudo apt-get update
sudo apt-get install -y nginx
sudo systemctl enable nginx
sudo systemctl start nginx'Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Distribute traffic across instances
Cache content at edge locations
Protect against DDoS and web attacks
Enable outbound internet for private instances
Dedicated connection between on-prem and GCP
Drag a concept onto its matching description — or click a concept then click the description.
Manage encryption keys
Hardware security module for key protection
Store API keys, passwords, certificates
Manage access control
Centralized security and risk management
```
gcloud compute instances create my-instance \
--zone=us-central1-a \
--machine-type=e2-medium \
--image-family=debian-10 \
--image-project=debian-cloud \
--preemptible
``````json
{
"bindings": [
{
"role": "roles/storage.objectViewer",
"members": [
"allUsers"
]
}
]
}
``````
gcloud compute networks subnets create private-subnet \
--network=my-vpc \
--region=us-west1 \
--range=10.0.1.0/24 \
--enable-private-ip-google-access
```Refer to the exhibit.
gcloud compute instances create my-instance \
--zone=us-central1-a \
--machine-type=n1-standard-4 \
--image-family=ubuntu-2004-lts \
--image-project=ubuntu-os-cloud \
--boot-disk-size=50GB \
--boot-disk-type=pd-ssd \
--scopes=cloud-platform \
--service-account=my-sa@project.iam.gserviceaccount.com \
--tags=http-server,https-serverRefer to the exhibit.
{
"bindings": [
{
"role": "roles/storage.objectViewer",
"members": [
"user:admin@example.com"
]
},
{
"role": "roles/storage.objectAdmin",
"members": [
"serviceAccount:my-sa@project.iam.gserviceaccount.com"
]
}
]
}Refer to the exhibit.
```json
{
"bindings": [
{
"role": "roles/storage.objectViewer",
"members": ["user:alice@example.com"],
"condition": {
"title": "only_bucket_a",
"expression": "resource.name.startsWith('projects/_/buckets/bucket-a/')"
}
}
]
}
```{
"bindings": [
{
"role": "roles/compute.networkAdmin",
"members": [
"user:admin@example.com"
]
},
{
"role": "roles/compute.instanceAdmin.v1",
"members": [
"user:developer@example.com"
]
},
{
"role": "roles/iam.serviceAccountUser",
"members": [
"serviceAccount:sa-compute@project.iam.gserviceaccount.com"
]
}
],
"etag": "BwVJQ2RfPHQ="
}resource "google_compute_firewall" "allow_ssh" {
name = "allow-ssh"
network = "default"
priority = 1000
allow {
protocol = "tcp"
ports = ["22"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["ssh-allowed"]
}
resource "google_compute_instance" "my_instance" {
name = "my-instance"
machine_type = "e2-micro"
zone = "us-central1-a"
tags = ["web", "ssh-allowed"]
boot_disk {
initialize_params {
image = "debian-cloud/debian-11"
}
}
network_interface {
network = "default"
access_config {
// Ephemeral public IP
}
}
}