An engineer needs to provide outbound internet access to a set of Compute Engine instances that have only internal IP addresses. The instances must use a static IP address for outbound traffic. Which solution should they implement?
Trap 1: Assign a static external IP to each instance and configure a…
The requirement specifies instances have only internal IPs, so assigning external IPs is not desired.
Trap 2: Configure Private Google Access on the subnet to route traffic to…
Private Google Access only allows access to Google APIs, not general internet.
Trap 3: Deploy a Compute Engine instance as a NAT instance with IP…
A custom NAT instance is possible but not the recommended solution; Cloud NAT is the managed service.
- A
Create a Cloud NAT gateway with static IP address and configure it on the VPC network.
Cloud NAT provides outbound internet access for instances without external IPs using a static IP.
- B
Assign a static external IP to each instance and configure a firewall rule to allow egress.
Why wrong: The requirement specifies instances have only internal IPs, so assigning external IPs is not desired.
- C
Configure Private Google Access on the subnet to route traffic to Google APIs.
Why wrong: Private Google Access only allows access to Google APIs, not general internet.
- D
Deploy a Compute Engine instance as a NAT instance with IP forwarding enabled.
Why wrong: A custom NAT instance is possible but not the recommended solution; Cloud NAT is the managed service.