ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Data Engineer All Questions

View all questions & answers for the Professional Data Engineer exam
Go to Exam

Exam Professional Data Engineer topic 1 question 216 discussion

Actual exam question from Google's Professional Data Engineer
Question #: 216
Topic #: 1
[All Professional Data Engineer Questions]

You are developing an Apache Beam pipeline to extract data from a Cloud SQL instance by using JdbcIO. You have two projects running in Google Cloud. The pipeline will be deployed and executed on Dataflow in Project A. The Cloud SQL. instance is running in Project B and does not have a public IP address. After deploying the pipeline, you noticed that the pipeline failed to extract data from the Cloud SQL instance due to connection failure. You verified that VPC Service Controls and shared VPC are not in use in these projects. You want to resolve this error while ensuring that the data does not go through the public internet. What should you do?

  • A. Set up VPC Network Peering between Project A and Project B. Add a firewall rule to allow the peered subnet range to access all instances on the network.
  • B. Turn off the external IP addresses on the Dataflow worker. Enable Cloud NAT in Project A.
  • C. Add the external IP addresses of the Dataflow worker as authorized networks in the Cloud SQL instance.
  • D. Set up VPC Network Peering between Project A and Project B. Create a Compute Engine instance without external IP address in Project B on the peered subnet to serve as a proxy server to the Cloud SQL database.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by e70ea9e at Dec. 30, 2023, 9:41 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aoifneofi_ef
Highly Voted 10 months, 2 weeks ago
Selected Answer: D
It is a tie between A and D. Option A will definitely provide necessary connectivity but is less secure as access is enabled to "all instances". Which i feel is unnecessary considering industry best practices. Option D provides the necessary connectivity but brings in the unnecessary overhead of managing an extra VM and introduces a bit of extra complexity. Since the question emphasises on data not going through public internet(which is satisfied in both options), i would prioritise security over simplicity and choose option D in this case.
upvoted 7 times
...
clouditis
Highly Voted 6 months, 2 weeks ago
Selected Answer: A
A looks to be the best out of the 4, D is complicated involving Compute Engine which is unnecessary making it cumbersome to address the problem
upvoted 5 times
...
Ben_oso
Most Recent 5 days, 20 hours ago
Selected Answer: A
VPC Peering allow to two private routes can communicate each other.
upvoted 1 times
...
71083a7
5 months, 1 week ago
Selected Answer: D
"all instances" freaks me out
upvoted 2 times
...
julydev82
6 months, 3 weeks ago
Selected Answer: A
vpc create a subnet beetwen sql Cloud and the dataflow. https://cloud.google.com/sql/docs/mysql/private-ip#multiple_vpc_connectivity
upvoted 2 times
...
fadlkhafdofpew
9 months, 3 weeks ago
Selected Answer: A
The answer is A. While D might work, it adds unnecessary complexity. Setting up a proxy is an extra layer of infrastructure that isn’t required
upvoted 1 times
...
Saaaurabh
10 months, 2 weeks ago
Selected Answer: A
If properly implemented with the right routing and firewall rules, Option A can be the correct and most straightforward solution, as it leverages VPC Peering to maintain internal traffic without going through the public internet.
upvoted 1 times
...
meh_33
10 months, 3 weeks ago
A is correct
upvoted 1 times
...
kk1211
11 months, 3 weeks ago
still confused between A and D
upvoted 1 times
...
Lenifia
12 months ago
Selected Answer: A
A is correct
upvoted 2 times
...
kajitsu
1 year ago
Selected Answer: A
no proxy needed
upvoted 1 times
...
Lestrang
1 year ago
Selected Answer: A
People referencing "VPC Network Peering does not provide transitive routing. For example, if VPC networks net-a and net-b are connected using VPC Network Peering, and VPC networks net-a and net-c are also connected using VPC Network Peering, VPC Network Peering does not provide connectivity between net-b and net-c." the question states that cloud sql is running in project B. Which means the instance is already part of the VPC in project B, so with Network Peering workers from A can definitely access data in B. No proxy is needed.
upvoted 1 times
...
fabiogoma
1 year, 1 month ago
Selected Answer: A
Why so many people are voting for D? There's no need for a proxy, the peering is enough to allow network traffic between subnets.
upvoted 2 times
fabiogoma
1 year, 1 month ago
Now I see why, I put this on ChatGPT and it thinks the right answer is D. I'm pretty sure that's a hallucination.
upvoted 2 times
Positron75
3 weeks ago
A says to allow access to "all instances in the network", which is excessive and not good practice security-wise. This is yet another question where no answer is fully correct and it's up to you to choose which one is less wrong.
upvoted 1 times
...
...
...
ccpmad
1 year, 1 month ago
Proxy? no, it is not necessary.. A
upvoted 2 times
...
josech
1 year, 1 month ago
Selected Answer: D
https://cloud.google.com/sql/docs/mysql/connect-multiple-vpcs
upvoted 2 times
...
chrissamharris
1 year, 4 months ago
Selected Answer: A
A - The requirement for a proxy is un-necessary: https://cloud.google.com/sql/docs/mysql/private-ip#multiple_vpc_connectivity
upvoted 4 times
...
ML6
1 year, 4 months ago
Option D. Source: https://cloud.google.com/sql/docs/mysql/private-ip#multiple_vpc_connectivity
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel